Leslie F. Sikos - Böcker

This book presents a collection of state-of-the-art AI approaches to cybersecurity and cyberthreat intelligence, offering strategic defense mechanisms for malware, addressing cybercrime, and assessing vulnerabilities to yield proactive rather than reactive countermeasures.

This book presents a collection of state-of-the-art approaches to utilizing machine learning, formal knowledge bases and rule sets, and semantic reasoning to detect attacks on communication networks, including IoT infrastructures, to automate malicious code detection, to efficiently predict cyberattacks in enterprises, to identify malicious URLs and DGA-generated domain names, and to improve the security of mHealth wearables. This book details how analyzing the likelihood of vulnerability exploitation using machine learning classifiers can offer an alternative to traditional penetration testing solutions. In addition, the book describes a range of techniques that support data aggregation and data fusion to automate data-driven analytics in cyberthreat intelligence, allowing complex and previously unknown cyberthreats to be identified and classified, and countermeasures to be incorporated in novel incident response and intrusion detection mechanisms.

This book presents a collection of state-of-the-art approaches to utilizing machine learning, formal knowledge bases and rule sets, and semantic reasoning to detect attacks on communication networks, including IoT infrastructures, to automate malicious code detection, to efficiently predict cyberattacks in enterprises, to identify malicious URLs and DGA-generated domain names, and to improve the security of mHealth wearables. This book details how analyzing the likelihood of vulnerability exploitation using machine learning classifiers can offer an alternative to traditional penetration testing solutions. In addition, the book describes a range of techniques that support data aggregation and data fusion to automate data-driven analytics in cyberthreat intelligence, allowing complex and previously unknown cyberthreats to be identified and classified, and countermeasures to be incorporated in novel incident response and intrusion detection mechanisms.

RDF-based knowledge graphs require additional formalisms to be fully context-aware, which is presented in this book. This book also provides a collection of provenance techniques and state-of-the-art metadata-enhanced, provenance-aware, knowledge graph-based representations across multiple application domains, in order to demonstrate how to combine graph-based data models and provenance representations.  This is important to make statements authoritative, verifiable, and reproducible, such as in biomedical, pharmaceutical, and cybersecurity applications, where the data source and generator can be just as important as the data itself.             Capturing provenance is critical to ensure sound experimental results and rigorously designed research studies for patient and drug safety, pathology reports, and medical evidence generation. Similarly, provenance is needed for cyberthreat intelligence dashboards and attack mapsthat aggregate and/or fuse heterogeneous data from disparate data sources to differentiate between unimportant online events and dangerous cyberattacks, which is demonstrated in this book. Without provenance, data reliability and trustworthiness might be limited, causing data reuse, trust, reproducibility and accountability issues.This book primarily targets researchers who utilize knowledge graphs in their methods and approaches (this includes researchers from a variety of domains, such as cybersecurity, eHealth, data science, Semantic Web, etc.). This book collects core facts for the state of the art in provenance approaches and techniques, complemented by a critical review of existing approaches. New research directions are also provided that combine data science and knowledge graphs, for an increasingly important research topic.

RDF-based knowledge graphs require additional formalisms to be fully context-aware, which is presented in this book. This book also provides a collection of provenance techniques and state-of-the-art metadata-enhanced, provenance-aware, knowledge graph-based representations across multiple application domains, in order to demonstrate how to combine graph-based data models and provenance representations.  This is important to make statements authoritative, verifiable, and reproducible, such as in biomedical, pharmaceutical, and cybersecurity applications, where the data source and generator can be just as important as the data itself.             Capturing provenance is critical to ensure sound experimental results and rigorously designed research studies for patient and drug safety, pathology reports, and medical evidence generation. Similarly, provenance is needed for cyberthreat intelligence dashboards and attack mapsthat aggregate and/or fuse heterogeneous data from disparate data sources to differentiate between unimportant online events and dangerous cyberattacks, which is demonstrated in this book. Without provenance, data reliability and trustworthiness might be limited, causing data reuse, trust, reproducibility and accountability issues.This book primarily targets researchers who utilize knowledge graphs in their methods and approaches (this includes researchers from a variety of domains, such as cybersecurity, eHealth, data science, Semantic Web, etc.). This book collects core facts for the state of the art in provenance approaches and techniques, complemented by a critical review of existing approaches. New research directions are also provided that combine data science and knowledge graphs, for an increasingly important research topic.

This book collects state-of-the-art curriculum development considerations, training methods, techniques, and best practices, as well as cybersecurity lab requirements and aspects to take into account when setting up new labs, all based on hands-on experience in teaching cybersecurity in higher education.In parallel with the increasing number and impact of cyberattacks, there is a growing demand for cybersecurity courses in higher education. More and more educational institutions offer cybersecurity courses, which come with unique and constantly evolving challenges not known in other disciplines. For example, step-by-step guides may not work for some of the students if the configuration of a computing environment is not identical or similar enough to the one the workshop material is based on, which can be a huge problem for blended and online delivery modes. Using nested virtualization in a cloud infrastructure might not be authentic for all kinds of exercises, because some of itscharacteristics can be vastly different from an enterprise network environment that would be the most important to demonstrate to students. The availability of cybersecurity datasets for training and educational purposes can be limited, and the publicly available datasets might not suit a large share of training materials, because they are often excessively documented, but not only by authoritative websites, which render these inappropriate for assignments and can be misleading for online students following training workshops and looking for online resources about datasets such as the Boss of the SOC (BOTS) datasets. The constant changes of Kali Linux make it necessary to regularly update training materials, because commands might not run the same way they did a couple of months ago.The many challenges of cybersecurity education are further complicated by the continuous evolution of networking and cloud computing, hardware and software, which shapes student expectations: what is acceptable and respected today might be obsolete or even laughable tomorrow.

This book collects state-of-the-art curriculum development considerations, training methods, techniques, and best practices, as well as cybersecurity lab requirements and aspects to take into account when setting up new labs, all based on hands-on experience in teaching cybersecurity in higher education.In parallel with the increasing number and impact of cyberattacks, there is a growing demand for cybersecurity courses in higher education. More and more educational institutions offer cybersecurity courses, which come with unique and constantly evolving challenges not known in other disciplines. For example, step-by-step guides may not work for some of the students if the configuration of a computing environment is not identical or similar enough to the one the workshop material is based on, which can be a huge problem for blended and online delivery modes. Using nested virtualization in a cloud infrastructure might not be authentic for all kinds of exercises, because some of itscharacteristics can be vastly different from an enterprise network environment that would be the most important to demonstrate to students. The availability of cybersecurity datasets for training and educational purposes can be limited, and the publicly available datasets might not suit a large share of training materials, because they are often excessively documented, but not only by authoritative websites, which render these inappropriate for assignments and can be misleading for online students following training workshops and looking for online resources about datasets such as the Boss of the SOC (BOTS) datasets. The constant changes of Kali Linux make it necessary to regularly update training materials, because commands might not run the same way they did a couple of months ago.The many challenges of cybersecurity education are further complicated by the continuous evolution of networking and cloud computing, hardware and software, which shapes student expectations: what is acceptable and respected today might be obsolete or even laughable tomorrow.

The rapid advancements and growing variety of publicly available generative AI tools enables cybersecurity use cases for threat modeling, security awareness support, web application scanning, actionable insights, and alert fatigue prevention, they also came with a steep rise in the number of offensive/rogue/malicious generative AI applications. The result is a new era of cybersecurity that necessitates new approaches to detect and mitigate cyberattacks. With large language models, social engineering tactics can reach new heights in the efficiency of phishing campaigns and cyber-deception in general. This book is a review of technologies, tools, and approaches in this rapidly increasing field. Specifically, it looks into the most common generative AI tools used by malicious actors, outlines cyber-deception techniques realized using generative AI, and the security risks of large language models. It covers malicious prompt engineering techniques hackers use in chatbots for jailbreaking common defenses, such as via a DAN prompt, the switch technique, or character play, noting that unsafe code can be generated with genAI chatbots even without jailbreaking (such as via modular coding). Being familiar with these is important not only to understand how threat actors bypass security mechanisms of chatbots, but also to be able to use chatbots for ethical hacking without being blocked (differentiating between legitimate and nefarious use). This book also discusses how text-to-image, text-to-speech, and text-to-video diffusion models are used in the wild for cyber-deception, and deepfake detection techniques to fight against this. The reactive countermeasures covered also include spam detection and online harassment protection. Proactive countermeasures are suggested to make generative AI models less susceptible to misuse, from hardening security of generative AI services and tools to securing generative AI use.

It draws attention to the importance of formal grounding in the knowledge representation of multimedia objects, the potential of multimedia reasoning in intelligent multimedia applications, and presents both theoretical discussions and best practices in multimedia ontology engineering.

It draws attention to the importance of formal grounding in the knowledge representation of multimedia objects, the potential of multimedia reasoning in intelligent multimedia applications, and presents both theoretical discussions and best practices in multimedia ontology engineering.