└── README.md

/README.md:
--------------------------------------------------------------------------------
# Machine Learning for Cyber Security [![Awesome](https://3.bp.blogspot.com/-ol6mgvgyN3A/WHvHkXyG6rI/AAAAAAAAB1s/OzsvrKL7glc5I7tR4GluinTXvkM2IUgSgCLcB/s1600/machine%2Blearning%2Bfor%2Bcyber%2Bsecurity.png)](http://kalitut.com)


A curated list of amazingly awesome tools and resources related to the use of machine learning for cyber security.

## Table of Contents

- [Datasets](#-datasets)
- [Papers](#-papers)
- [Books](#-books)
- [Talks](#-talks)
- [Tutorials](#-tutorials)
- [Courses](#-courses)
- [Miscellaneous](#-miscellaneous)

## [↑](#table-of-contents) Datasets

* [Samples of Security Related Data](http://www.secrepo.com/)
* [DARPA Intrusion Detection Data Sets](https://www.ll.mit.edu/ideval/data/)
* [Stratosphere IPS Data Sets](https://stratosphereips.org/category/dataset.html)
* [Open Data Sets](http://csr.lanl.gov/data/)
* [Data Capture from National Security Agency](http://www.westpoint.edu/crc/SitePages/DataSets.aspx)
* [The ADFA Intrusion Detection Data Sets](https://www.unsw.adfa.edu.au/australian-centre-for-cyber-security/cybersecurity/ADFA-IDS-Datasets)
* [NSL-KDD Data Sets](https://github.com/defcom17/NSL_KDD)
* [Malicious URLs Data Sets](https://sysnet.ucsd.edu/projects/url)
* [Multi-Source Cyber-Security Events](http://csr.lanl.gov/data/cyber1/)
* [Malware Training Sets: A machine learning dataset for everyone](http://marcoramilli.blogspot.cz/2016/12/malware-training-sets-machine-learning.html)

## [↑](#table-of-contents) Papers

* [Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks](https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/melicher)
* [Outside the Closed World: On Using Machine Learning for Network Intrusion Detection](http://ieeexplore.ieee.org/document/5504793/?reload=true)
* [Anomalous Payload-Based Network Intrusion Detection](https://link.springer.com/chapter/10.1007/978-3-540-30143-1_11)
* [Malicious PDF detection using metadata and structural features](http://dl.acm.org/citation.cfm?id=2420987)
* [Adversarial support vector machine learning](https://dl.acm.org/citation.cfm?id=2339697)
* [Exploiting machine learning to subvert your spam filter](https://dl.acm.org/citation.cfm?id=1387709.1387716)
* [CAMP – Content Agnostic Malware Protection](http://www.covert.io/research-papers/security/CAMP%20-%20Content%20Agnostic%20Malware%20Protection.pdf)
* [Notos – Building a Dynamic Reputation System for DNS](http://www.covert.io/research-papers/security/Notos%20-%20Building%20a%20dynamic%20reputation%20system%20for%20dns.pdf)
* [Kopis – Detecting malware domains at the upper dns hierarchy](http://www.covert.io/research-papers/security/Kopis%20-%20Detecting%20malware%20domains%20at%20the%20upper%20dns%20hierarchy.pdf)
* [Pleiades – From Throw-away Traffic To Bots – Detecting The Rise Of DGA-based Malware](http://www.covert.io/research-papers/security/From%20throw-away%20traffic%20to%20bots%20-%20detecting%20the%20rise%20of%20dga-based%20malware.pdf)
* [EXPOSURE – Finding Malicious Domains Using Passive DNS Analysis](http://www.covert.io/research-papers/security/Exposure%20-%20Finding%20malicious%20domains%20using%20passive%20dns%20analysis.pdf)
* [Polonium – Tera-Scale Graph Mining for Malware Detection](http://www.covert.io/research-papers/security/Polonium%20-%20Tera-Scale%20Graph%20Mining%20for%20Malware%20Detection.pdf)
* [Nazca – Detecting Malware Distribution in Large-Scale Networks](http://www.covert.io/research-papers/security/Nazca%20-%20%20Detecting%20Malware%20Distribution%20in%20Large-Scale%20Networks.pdf)
* [PAYL – Anomalous Payload-based Network Intrusion Detection](http://www.covert.io/research-papers/security/PAYL%20-%20Anomalous%20Payload-based%20Network%20Intrusion%20Detection.pdf)
* [Anagram – A Content Anomaly Detector Resistant to Mimicry Attacks](http://www.covert.io/research-papers/security/Anagram%20-%20A%20Content%20Anomaly%20Detector%20Resistant%20to%20Mimicry%20Attack.pdf)
* [Applications of Machine Learning in Cyber Security](https://www.researchgate.net/publication/283083699_Applications_of_Machine_Learning_in_Cyber_Security)
* [An Investigation of Byte N-Gram Features for Malware Classification](http://www.readcube.com/articles/10.1007/s11416-016-0283-1?author_access_token=Y2ftVow3BBIXRTHYIxoCG_e4RwlQNchNByi7wbcMAY4NW74db1mhZZQDQYJ1tM7Y-KZqnwIXRhZC64F6SuX0bowkkoy4Ro-NFZSGOs2sw2kG7I6cMZb9G3I0tfGpLO_rZlh-MF7KZ2i-qxjmAi-Shw%3D%3D)

## [↑](#table-of-contents) Books

* [Data Mining and Machine Learning in Cybersecurity](http://amzn.to/2iuWdYX)
* [Machine Learning and Data Mining for Computer Security](http://amzn.to/2jnCHBs)
* [Network Anomaly Detection: A Machine Learning Perspective](http://amzn.to/2jlPsgm)
* [Machine Learning for Hackers: Case Studies and Algorithms to Get You Started](http://amzn.to/2jyBZPo)

## [↑](#table-of-contents) Talks

* [Using Machine Learning to Support Information Security](https://www.youtube.com/watch?v=tukidI5vuBs)
* [Defending Networks with Incomplete Information](https://www.youtube.com/watch?v=36IT9VgGr0g)
* [Applying Machine Learning to Network Security Monitoring](https://www.youtube.com/watch?v=vy-jpFpm1AU)
* [Measuring the IQ of your Threat Intelligence Feeds](https://www.youtube.com/watch?v=yG6QlHOAWiE)
* [Data-Driven Threat Intelligence: Metrics On Indicator Dissemination And Sharing](https://www.youtube.com/watch?v=6JMEKnes-w0)
* [Applied Machine Learning for Data Exfil and Other Fun Topics](https://www.youtube.com/watch?v=dGwH7m4N8DE)
* [Secure Because Math: A Deep-Dive on ML-Based Monitoring](https://www.youtube.com/watch?v=TYVCVzEJhhQ)
* [Machine Duping 101: Pwning Deep Learning Systems](https://www.youtube.com/watch?v=JAGDpJFFM2A)
* [Delta Zero, KingPhish3r – Weaponizing Data Science for Social Engineering](https://www.youtube.com/watch?v=l7U0pDcsKLg)
* [Defeating Machine Learning What Your Security Vendor Is Not Telling You](https://www.youtube.com/watch?v=oiuS1DyFNd8)
* [CrowdSource: Crowd Trained Machine Learning Model for Malware Capability Det](https://www.youtube.com/watch?v=u6a7afsD39A)
* [Defeating Machine Learning: Systemic Deficiencies for Detecting Malware](https://www.youtube.com/watch?v=sPtbDUJjhbk)
* [Packet Capture Village – Theodora Titonis – How Machine Learning Finds Malware](https://www.youtube.com/watch?v=2cQRSPFSY-s)
* [Build an Antivirus in 5 Min – Fresh Machine Learning #7. A fun video to watch](https://www.youtube.com/watch?v=iLNHVwSu9EA&t=245s)
* [Hunting for Malware with Machine Learning](https://www.youtube.com/watch?v=zT-4zdtvR30)
* [Machine Learning for Threat Detection](https://www.youtube.com/watch?v=qVwktOa-F34)
* [Machine Learning and the Cloud: Disrupting Threat Detection and Prevention](https://www.youtube.com/watch?v=fRklX97iGIw)
* [Fraud detection using machine learning & deep learning](https://www.youtube.com/watch?v=gHtN4jU69W0)
* [The Applications Of Deep Learning On Traffic Identification](https://www.youtube.com/watch?v=B7OKgC3AJVM)
* [Defending Networks With Incomplete Information: A Machine Learning Approach](https://www.youtube.com/watch?v=_0CRSF6yPB4)
* [Machine Learning & Data Science](https://vimeo.com/112702666)

## [↑](#table-of-contents) Tutorials

* [Click Security Data Hacking Project](http://clicksecurity.github.io/data_hacking/)
* [Using Neural Networks to generate human readable passwords](http://fsecurify.com/using-neural-networks-to-generate-human-readable-passwords/)
* [Machine Learning based Password Strength Classification](http://fsecurify.com/machine-learning-based-password-strength-checking/)
* [Using Machine Learning to Detect Malicious URLs](http://fsecurify.com/using-machine-learning-detect-malicious-urls/)
* [Big Data and Data Science for Security and Fraud Detection](http://www.kdnuggets.com/2015/12/big-data-science-security-fraud-detection.html)
* [Using deep learning to break a Captcha system](https://deepmlblog.wordpress.com/2016/01/03/how-to-break-a-captcha-system/)
* [Data mining for network security and intrusion detection](https://www.r-bloggers.com/data-mining-for-network-security-and-intrusion-detection/)
* [An Introduction to Machine Learning for Cybersecurity and Threat Hunting](http://blog.sqrrl.com/an-introduction-to-machine-learning-for-cybersecurity-and-threat-hunting)

## [↑](#table-of-contents) Courses

* [Data Mining for Cyber Security by Stanford](https://web.stanford.edu/class/cs259d)

## [↑](#table-of-contents) Miscellaneous

* [System predicts 85 percent of cyber-attacks using input from human experts](https://news.mit.edu/2016/ai-system-predicts-85-percent-cyber-attacks-using-input-human-experts-0418)
* [A list of open source projects in cyber security using machine learning](http://www.mlsecproject.org/#open-source-projects)

Please have a look at
* [Best Hacking Books](http://www.kalitut.com/2016/12/best-ethical-hacking-books.html)
* [Best Reverse Engineering Books](http://www.kalitut.com/2017/01/Best-reverse-engineering-books.html)
* [Best Machine learning Books](http://www.kalitut.com/2017/01/machine-learning-book.html)
* [Best 5 books Programming Books](http://www.kalitut.com/2017/01/Top-Programming-Books.html)
* [Best Java Books](http://www.kalitut.com/2017/01/Best-Java-Programming-Books.html)
--------------------------------------------------------------------------------