Cyber-security is a matter of rapidly growing importance in industry and government. This book provides insight into a range of data science techniques for addressing these pressing concerns.The application of statistical and broader data science techniques provides an exciting growth area in the design of cyber defences. Networks of connected devices, such as enterprise computer networks or the wider so-called Internet of Things, are all vulnerable to misuse and attack, and data science methods offer the promise to detect such behaviours from the vast collections of cyber traffic data sources that can be obtained. In many cases, this is achieved through anomaly detection of unusual behaviour against understood statistical models of normality.This volume presents contributed papers from an international conference of the same name held at Imperial College. Experts from the field have provided their latest discoveries and review state of the art technologies.

Malware Data Science explains how to identify, analyze, and classify large-scale malware using machine learning and data visualization. Security has become a "big data" problem. The growth rate of malware has accelerated to tens of millions of new files per year while our networks generate an ever-larger flood of security-relevant data each day. In order to defend against these advanced attacks, you'll need to know how to think like a data scientist. In Malware Data Science, security data scientist Joshua Saxe introduces machine learning, statistics, social network analysis, and data visualization, and shows you how to apply these methods to malware detection and analysis. You'll learn how to: - Analyze malware using static analysis - Observe malware behavior using dynamic analysis - Identify adversary groups through shared code analysis - Catch 0-day vulnerabilities by building your own machine learning detector - Measure malware detector accuracy - Identify malware campaigns, trends, and relationships through data visualization Whether you're a malware analyst looking to add skills to your existing arsenal, or a data scientist interested in attack detection and threat intelligence, Malware Data Science will help you stay ahead of the curve.

This book has two main goals: to define data science through the work of data scientists and their results, namely data products, while simultaneously providing the reader with relevant lessons learned from applied data science projects at the intersection of academia and industry. As such, it is not a replacement for a classical textbook (i.e., it does not elaborate on fundamentals of methods and principles described elsewhere), but systematically highlights the connection between theory, on the one hand, and its application in specific use cases, on the other. With these goals in mind, the book is divided into three parts: Part I pays tribute to the interdisciplinary nature of data science and provides a common understanding of data science terminology for readers with different backgrounds. These six chapters are geared towards drawing a consistent picture of data science and were predominantly written by the editors themselves. Part II then broadens the spectrum by presenting views and insights from diverse authors – some from academia and some from industry, ranging from financial to health and from manufacturing to e-commerce. Each of these chapters describes a fundamental principle, method or tool in data science by analyzing specific use cases and drawing concrete conclusions from them. The case studies presented, and the methods and tools applied, represent the nuts and bolts of data science. Finally, Part III was again written from the perspective of the editors and summarizes the lessons learned that have been distilled from the case studies in Part II. The section can be viewed as a meta-study on data science across a broad range of domains, viewpoints and fields. Moreover, it provides answers to the question of what the mission-critical factors for success in different data science undertakings are. The book targets professionals as well as students of data science: first, practicing data scientists in industry and academia who want to broaden their scope and expand their knowledge by drawing on the authors’ combined experience. Second, decision makers in businesses who face the challenge of creating or implementing a data-driven strategy and who want to learn from success stories spanning a range of industries. Third, students of data science who want to understand both the theoretical and practical aspects of data science, vetted by real-world case studies at the intersection of academia and industry.

Secure data science, which integrates cyber security and data science, is becoming one of the critical areas in both cyber security and data science. This is because the novel data science techniques being developed have applications in solving such cyber security problems as intrusion detection, malware analysis, and insider threat detection. However, the data science techniques being applied not only for cyber security but also for every application area—including healthcare, finance, manufacturing, and marketing—could be attacked by malware. Furthermore, due to the power of data science, it is now possible to infer highly private and sensitive information from public data, which could result in the violation of individual privacy. This is the first such book that provides a comprehensive overview of integrating both cyber security and data science and discusses both theory and practice in secure data science. After an overview of security and privacy for big data services as well as cloud computing, this book describes applications of data science for cyber security applications. It also discusses such applications of data science as malware analysis and insider threat detection. Then this book addresses trends in adversarial machine learning and provides solutions to the attacks on the data science techniques. In particular, it discusses some emerging trends in carrying out trustworthy analytics so that the analytics techniques can be secured against malicious attacks. Then it focuses on the privacy threats due to the collection of massive amounts of data and potential solutions. Following a discussion on the integration of services computing, including cloud-based services for secure data science, it looks at applications of secure data science to information sharing and social media. This book is a useful resource for researchers, software developers, educators, and managers who want to understand both the high level concepts and the technical details on the design and implementation of secure data science-based systems. It can also be used as a reference book for a graduate course in secure data science. Furthermore, this book provides numerous references that would be helpful for the reader to get more details about secure data science.

Traditional intrusion detection and logfile analysis are no longer enough to protect today’s complex networks. In this practical guide, security researcher Michael Collins shows you several techniques and tools for collecting and analyzing network traffic datasets. You’ll understand how your network is used, and what actions are necessary to protect and improve it. Divided into three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. It’s ideal for network administrators and operational security analysts familiar with scripting. Explore network, host, and service sensors for capturing security data Store data traffic with relational databases, graph databases, Redis, and Hadoop Use SiLK, the R language, and other tools for analysis and visualization Detect unusual phenomena through Exploratory Data Analysis (EDA) Identify significant structures in networks with graph analysis Determine the traffic that’s crossing service ports in a network Examine traffic volume and behavior to spot DDoS and database raids Get a step-by-step process for network mapping and inventory

This book encompasses a systematic exploration of Cybersecurity Data Science (CSDS) as an emerging profession, focusing on current versus idealized practice. This book also analyzes challenges facing the emerging CSDS profession, diagnoses key gaps, and prescribes treatments to facilitate advancement. Grounded in the management of information systems (MIS) discipline, insights derive from literature analysis and interviews with 50 global CSDS practitioners. CSDS as a diagnostic process grounded in the scientific method is emphasized throughout Cybersecurity Data Science (CSDS) is a rapidly evolving discipline which applies data science methods to cybersecurity challenges. CSDS reflects the rising interest in applying data-focused statistical, analytical, and machine learning-driven methods to address growing security gaps. This book offers a systematic assessment of the developing domain. Advocacy is provided to strengthen professional rigor and best practices in the emerging CSDS profession. This book will be of interest to a range of professionals associated with cybersecurity and data science, spanning practitioner, commercial, public sector, and academic domains. Best practices framed will be of interest to CSDS practitioners, security professionals, risk management stewards, and institutional stakeholders. Organizational and industry perspectives will be of interest to cybersecurity analysts, managers, planners, strategists, and regulators. Research professionals and academics are presented with a systematic analysis of the CSDS field, including an overview of the state of the art, a structured evaluation of key challenges, recommended best practices, and an extensive bibliography.