Cache: stored result of a computation
Cybersecurity is gaining more and more attention. The widespread interest in ML is due to two critical factors. First, it can automate processes that previously required human participation. Second, it can quickly process and analyze huge amounts of information and calculate options using many variables. The main goal of the current work is to explore ML usage in cybersecurity and to research use cases related to the adversary’s use of ML in cyberattacks.

ML is the process by which machines learn from given data, building the logic and predicting output for a given input. ML has three sub-categories: supervised learning, unsupervised learning and reinforcement learning. Neural networks (NNs) are typically organized in layers. Layers consist of a number of interconnected 'nodes' that contain an 'activation function'.

The scope of ML usage in cybersecurity is huge, starting with identifying anomalies and suspicious or unusual behaviours and ending with detecting zero-day vulnerabilities and patching known ones. Automated vulnerability scanning is one of the most obvious and common tasks in a cyberattack. There are two scenarios for the weaponization and delivery stages. First, in the case of humanless intrusion, attackers can use a similar tool but utilize information provided by Shodan or Mitch instead of features obtained using computer vision. Second, attackers can use social engineering, using the tools for profiling and spear-phishing described in the previous section and creating clickbait links to infect the victim.

We should also note the consequences that more active implementation of ML can bring: automation and the resulting loss of human jobs, and inevitable conflict with the existing legal framework, for example, when using technologies to prevent cybercrime or cyberterrorism.

Cache - Сохраненный результат вычисления (stored result of a computation)
Data processing - Обработка данных
Device driver - Драйвер
Debugger - Отладчик
Database - База данных
encoding - кодировка
malicious software (malware) - вредоносное программное обеспечение
spyware - программа-шпион, шпионское программное обеспечение
cyberattack - кибератака
cybersecurity - информационная безопасность
deep learning - глубокое обучение
machine learning - машинное обучение
supervised learning - контролируемое обучение
unsupervised learning - обучение без учителя
reinforcement learning - обучение с подкреплением
Neural networks - Нейронные сети
Generator - генератор
data mining - это способ анализа данных, предназначенный для поиска ранее неизвестных закономерностей в больших массивах информации (a method of data analysis designed to find previously unknown patterns in large bodies of information)
Cross-Industry Standard Process for Data Mining (CRISP-DM) - Межотраслевой стандартный процесс интеллектуального анализа данных
ensemble learning - ансамблевое обучение
clustering - кластеризация
decision tree - Древо решений
intrusion detection system (IDS) - система обнаружения вторжений
Intrusion prevention system (IPS) - Система предотвращения вторжений
Artificial Neural Networks (ANNs) - Искусственные нейронные сети
generative adversarial network (GAN) - генеративная состязательная сеть
Web application firewall (WAF) - Брандмауэр веб-приложений
Automation - автоматизация
Cyberterrorism - кибертерроризм
post-exploitation - постэксплуатационный