AI, Machine Learning and Deep Learning

Book description

Today, AI and machine/deep learning are among the hottest areas in information technology. This book aims to provide a complete picture of the challenges and solutions to the security issues in various applications. It explains how different attacks can occur in advanced AI tools and the challenges of overcoming those attacks.

Table of contents

  1. Cover
  2. Half Title
  3. Title Page
  4. Copyright Page
  5. Table of Contents
  6. Preface
  7. About the Editors
  8. Contributors
  9. Part I Secure AI/ML Systems: Attack Models
    1. 1 Machine Learning Attack Models
      1. 1.1 Introduction
      2. 1.2 Background
        1. 1.2.1 Notation
        2. 1.2.2 Support Vector Machines
        3. 1.2.3 Neural Networks
      3. 1.3 White-box adversarial attacks
        1. 1.3.1 L-BFGS Attack
        2. 1.3.2 Fast Gradient Sign Method
        3. 1.3.3 Basic Iterative Method
        4. 1.3.4 DeepFool
        5. 1.3.5 Fast Adaptive Boundary Attack
        6. 1.3.6 Carlini and Wagner’s Attack
        7. 1.3.7 Shadow Attack
        8. 1.3.8 Wasserstein Attack
      4. 1.4 Black-box adversarial attacks
        1. 1.4.1 Transfer Attack
        2. 1.4.2 Score-based Black-box Attacks
        3. 1.4.3 Decision-based Attack
      5. 1.5 Data poisoning attacks
        1. 1.5.1 Label Flipping Attacks
        2. 1.5.2 Clean Label Data Poisoning Attack
        3. 1.5.3 Backdoor Attack
      6. 1.6 Conclusions
      7. Acknowledgment
      8. Note
      9. References
    2. 2 Adversarial Machine Learning: A New Threat Paradigm for Next-generation Wireless Communications
      1. 2.1 Introduction
        1. 2.1.1 Scope and Background
      2. 2.2 Adversarial machine learning
      3. 2.3 Challenges and gaps
        1. 2.3.1 Development Environment
        2. 2.3.2 Training and Test Datasets
        3. 2.3.3 Repeatability, Hyperparameter Optimization, and Explainability
        4. 2.3.4 Embedded Implementation
      4. 2.4 Conclusions and recommendations
      5. References
    3. 3 Threat of Adversarial Attacks to Deep Learning: A Survey
      1. 3.1 Introduction
      2. 3.2 Categories of attacks
        1. 3.2.1 White-box Attacks
          1. FGSM-based Method
          2. JSMA-based Method
        2. 3.2.2 Black-box Attacks
          1. Mobility-based Approach
          2. Gradient Estimation-based Approach
      3. 3.3 Attacks overview
        1. 3.3.1 Attacks on Computer-Vision-Based Applications
        2. 3.3.2 Attacks on Natural Language Processing Applications
        3. 3.3.3 Attacks on Data Poisoning Applications
      4. 3.4 Specific attacks in the real world
        1. 3.4.1 Attacks on Natural Language Processing
        2. 3.4.2 Attacks Using Data Poisoning
      5. 3.5 Discussions and open issues
      6. 3.6 Conclusions
      7. References
    4. 4 Attack Models for Collaborative Deep Learning
      1. 4.1 Introduction
      2. 4.2 Background
        1. 4.2.1 Deep Learning (DL)
          1. Convolution Neural Network
        2. 4.2.2 Collaborative Deep Learning (CDL)
          1. Architecture
          2. Collaborative Deep Learning Workflow
        3. 4.2.3 Deep Learning Security and Collaborative Deep Learning Security
      3. 4.3 AUROR: an automated defense
        1. 4.3.1 Problem Setting
        2. 4.3.2 Threat Model
          1. Targeted Poisoning Attacks
        3. 4.3.3 AUROR Defense
        4. 4.3.4 Evaluation
      4. 4.4 A new CDL attack: GAN attack
        1. 4.4.1 Generative Adversarial Network (GAN)
        2. 4.4.2 GAN Attack
          1. Main Protocol
        3. 4.4.3 Experiment Setups
          1. Dataset
          2. System Architecture
          3. Hyperparameter Setup
        4. 4.4.4 Evaluation
      5. 4.5 Defend against GAN attack in IoT
        1. 4.5.1 Threat Model
        2. 4.5.2 Defense System
        3. 4.5.3 Main Protocols
        4. 4.5.4 Evaluation
      6. 4.6 Conclusions
      7. Acknowledgment
      8. References
    5. 5 Attacks on Deep Reinforcement Learning Systems: A Tutorial
      1. 5.1 Introduction
      2. 5.2 Characterizing attacks on DRL systems
      3. 5.3 Adversarial attacks
      4. 5.4 Policy induction attacks
      5. 5.5 Conclusions and future directions
      6. References
    6. 6 Trust and Security of Deep Reinforcement Learning
      1. 6.1 Introduction
      2. 6.2 Deep reinforcement learning overview
        1. 6.2.1 Markov Decision Process
        2. 6.2.2 Value-based Methods
          1. V-value Function
          2. Q-value Function
          3. Advantage Function
          4. Bellman Equation
        3. 6.2.3 Policy-based Methods
        4. 6.2.4 Actor–Critic Methods
        5. 6.2.5 Deep Reinforcement Learning
      3. 6.3 The most recent reviews
        1. 6.3.1 Adversarial Attack on Machine Learning
          1. 6.3.1.1 Evasion Attack
          2. 6.3.1.2 Poisoning Attack
        2. 6.3.2 Adversarial Attack on Deep Learning
          1. 6.3.2.1 Evasion Attack
          2. 6.3.2.2 Poisoning Attack
        3. 6.3.3 Adversarial Deep Reinforcement Learning
      4. 6.4 Attacks on DRL systems
        1. 6.4.1 Attacks on Environment
        2. 6.4.2 Attacks on States
        3. 6.4.3 Attacks on Policy Function
        4. 6.4.4 Attacks on Reward Function
      5. 6.5 Defenses against DRL system attacks
        1. 6.5.1 Adversarial Training
        2. 6.5.2 Robust Learning
        3. 6.5.3 Adversarial Detection
      6. 6.6 Robust DRL systems
        1. 6.6.1 Secure Cloud Platform
        2. 6.6.2 Robust DRL Modules
      7. 6.7 A scenario of financial stability
        1. 6.7.1 Automatic Algorithm Trading Systems
      8. 6.8 Conclusion and future work
      9. References
    7. 7 IoT Threat Modeling Using Bayesian Networks
      1. 7.1 Background
      2. 7.2 Topics of chapter
      3. 7.3 Scope
      4. 7.4 Cyber security in IoT networks
        1. 7.4.1 Smart Home
        2. 7.4.2 Attack Graphs
      5. 7.5 Modeling with Bayesian networks
        1. 7.5.1 Graph Theory
        2. 7.5.2 Probabilities and Distributions
        3. 7.5.3 Bayesian Networks
        4. 7.5.4 Parameter Learning
        5. 7.5.5 Inference
      6. 7.6 Model implementation
        1. 7.6.1 Network Structure
        2. 7.6.2 Attack Simulation
          1. Selection Probabilities
          2. Vulnerability Probabilities Based on CVSS Scores
          3. Attack Simulation Algorithm
        3. 7.6.3 Network Parametrization
        4. 7.6.4 Results
      7. 7.7 Conclusions and future work
      8. References
  10. Part II Secure AI/ML Systems: Defenses
    1. 8 Survey of Machine Learning Defense Strategies
      1. 8.1 Introduction
      2. 8.2 Security threats
      3. 8.3 Honeypot defense
      4. 8.4 Poisoned data defense
      5. 8.5 Mixup inference against adversarial attacks
      6. 8.6 Cyber-physical techniques
      7. 8.7 Information fusion defense
      8. 8.8 Conclusions and future directions
      9. References
    2. 9 Defenses Against Deep Learning Attacks
      1. 9.1 Introduction
      2. 9.2 Categories of defenses
        1. 9.2.1 Modified Training or Modified Input
          1. Data Preprocessing
          2. Data Augmentation
        2. 9.2.2 Modifying Networks Architecture
          1. Network Distillation
          2. Model Regularization
        3. 9.2.3 Network Add-on
          1. Defense Against Universal Perturbations
          2. MegNet Model
      3. 9.4 Discussions and open issues
      4. 9.5 Conclusions
      5. References
    3. 10 Defensive Schemes for Cyber Security of Deep Reinforcement Learning
      1. 10.1 Introduction
      2. 10.2 Background
        1. 10.2.1 Model-free RL
        2. 10.2.2 Deep Reinforcement Learning
        3. 10.2.3 Security of DRL
      3. 10.3 Certificated verification for adversarial examples
        1. 10.3.1 Robustness Certification
        2. 10.3.2 System Architecture
        3. 10.3.3 Experimental Results
      4. 10.4 Robustness on adversarial state observations
        1. 10.4.1 State-adversarial DRL for Deterministic Policies: DDPG
        2. 10.4.2 State-adversarial DRL for Q-Learning: DQN
        3. 10.4.3 Experimental Results
      5. 10.5 Conclusion and challenges
      6. Acknowledgment
      7. References
    4. 11 Adversarial Attacks on Machine Learning Models in Cyber-Physical Systems
      1. 11.1 Introduction
      2. 11.2 Support vector machine (SVM) under evasion attacks
        1. 11.2.1 Adversary Model
        2. 11.2.2 Attack Scenarios
        3. 11.2.3 Attack Strategy
      3. 11.3 SVM under causality availability attack
      4. 11.4 Adversarial label contamination on SVM
        1. 11.4.1 Random Label Flips
        2. 11.4.2 Adversarial Label Flips
      5. 11.5 Conclusions
      6. References
    5. 12 Federated Learning and Blockchain: An Opportunity for Artificial Intelligence with Data Regulation
      1. 12.1 Introduction
      2. 12.2 Data security and federated learning
      3. 12.3 Federated learning context
        1. 12.3.1 Type of Federation
          1. 12.3.1.1 Model-centric Federated Learning
          2. 12.3.1.2 Data-centric Federated Learning
        2. 12.3.2 Techniques
          1. 12.3.2.1 Horizontal Federated Learning
          2. 12.3.2.2 Vertical Federated Learning
      4. 12.4 Challenges
        1. 12.4.1 Trade-off Between Efficiency and Privacy
        2. 12.4.2 Communication Bottlenecks [1]
        3. 12.4.3 Poisoning [2]
      5. 12.5 Opportunities
        1. 12.5.1 Leveraging Blockchain
      6. 12.6 Use case: leveraging privacy, integrity, and availability for data-centric federated learning using a blockchain-based approach
        1. 12.6.1 Results
      7. 12.7 Conclusion
      8. References
  11. Part III Using AI/ML Algorithms for Cyber Security
    1. 13 Using Machine Learning for Cyber Security: Overview
      1. 13.1 Introduction
      2. 13.2 Is artificial intelligence enough to stop cyber crime?
      3. 13.3 Corporations’ use of machine learning to strengthen their cyber security systems
      4. 13.4 Cyber attack/cyber security threats and attacks
        1. 13.4.1 Malware
        2. 13.4.2 Data Breach
        3. 13.4.3 Structured Query Language Injection (SQL-i)
        4. 13.4.4 Cross-site Scripting (XSS)
        5. 13.4.5 Denial-of-service (DOS) Attack
        6. 13.4.6 Insider Threats
        7. 13.4.7 Birthday Attack
        8. 13.4.8 Network Intrusions
        9. 13.4.9 Impersonation Attacks
        10. 13.4.10 DDoS Attacks Detection on Online Systems
      5. 13.5 Different machine learning techniques in cyber security
        1. 13.5.1 Support Vector Machine (SVM)
        2. 13.5.2 K-nearest Neighbor (KNN)
        3. 13.5.3 Naïve Bayes
        4. 13.5.4 Decision Tree
        5. 13.5.5 Random Forest (RF)
        6. 13.5.6 Multilayer Perceptron (MLP)
      6. 13.6 Application of machine learning
        1. 13.6.1 ML in Aviation Industry
        2. 13.6.2 Cyber ML Under Cyber Security Monitoring
        3. 13.6.3 Battery Energy Storage System (BESS) Cyber Attack Mitigation
        4. 13.6.4 Energy-based Cyber Attack Detection in Large-Scale Smart Grids
        5. 13.6.5 IDS for Internet of Vehicles (IoV)
      7. 13.7 Deep learning techniques in cyber security
        1. 13.7.1 Deep Auto-encoder
        2. 13.7.2 Convolutional Neural Networks (CNN)
        3. 13.7.3 Recurrent Neural Networks (RNNs)
        4. 13.7.4 Deep Neural Networks (DNNs)
        5. 13.7.5 Generative Adversarial Networks (GANs)
        6. 13.7.6 Restricted Boltzmann Machine (RBM)
        7. 13.7.7 Deep Belief Network (DBN)
      8. 13.8 Applications of deep learning in cyber security
        1. 13.8.1 Keystroke Analysis
        2. 13.8.2 Secure Communication in IoT
        3. 13.8.3 Botnet Detection
        4. 13.8.4 Intrusion Detection and Prevention Systems (IDS/IPS)
        5. 13.8.5 Malware Detection in Android
        6. 13.8.6 Cyber Security Datasets
        7. 13.8.7 Evaluation Metrics
      9. 13.9 Conclusion
      10. References
    2. 14 Performance of Machine Learning and Big Data Analytics Paradigms in Cyber Security
      1. 14.1 Introduction
        1. 14.1.1 Background on Cyber Security and Machine Learning
        2. 14.1.2 Background Perspectives to Big Data Analytics and Cyber Security
        3. 14.1.3 Supervised Learning Algorithms
        4. 14.1.4 Statement of the Problem
        5. 14.1.5 Purpose of Study
        6. 14.1.6 Research Objectives
        7. 14.1.7 Research Questions
      2. 14.2 Literature review
        1. 14.2.1 Overview
        2. 14.2.2 Classical Machine Learning (CML)
          1. 14.2.2.1 Logistic Regression (LR)
          2. 14.2.2.2 Naïve Bayes (NB)
          3. 14.2.2.3 Decision Tree (DT)
          4. 14.2.2.4 K-nearest Neighbor (KNN)
          5. 14.2.2.5 AdaBoost (AB)
          6. 14.2.2.6 Random Forest (RF)
          7. 14.2.2.7 Support Vector Machine (SVM)
        3. 14.2.3 Modern Machine Learning
          1. 14.2.3.1 Deep Neural Network (DNN)
          2. 14.2.3.2 Future of AI in the Fight against Cyber Crimes
        4. 14.2.4 Big Data Analytics and Cyber Security
          1. 14.2.4.1 Big Data Analytics Issues
          2. 14.2.4.2 Independent Variable: Big Data Analytics
          3. 14.2.4.3 Intermediating Variables
          4. 14.2.4.4 Conceptual Framework
          5. 14.2.4.5 Theoretical Framework
          6. 14.2.4.6 Big Data Analytics Application to Cyber Security
          7. 14.2.4.7 Big Data Analytics and Cyber Security Limitations
          8. 14.2.4.8 Limitations
        5. 14.2.5 Advances in Cloud Computing
          1. 14.2.5.1 Explaining Cloud Computing and How It Has Evolved to Date
        6. 14.2.6 Cloud Characteristics
        7. 14.2.7 Cloud Computing Service Models
          1. 14.2.7.1 Software as a Service (SaaS)
          2. 14.2.7.2 Platform as a Service (PaaS)
          3. 14.2.7.3 Infrastructure as a Service (IaaS)
        8. 14.2.8 Cloud Deployment Models
          1. 14.2.8.1 Private Cloud
          2. 14.2.8.2 Public Cloud
          3. 14.2.8.3 Hybrid Cloud
          4. 14.2.8.4 Community Cloud
          5. 14.2.8.5 Advantages and Disadvantages of Cloud Computing
          6. 14.2.8.6 Six Main Characteristics of Cloud Computing and How They Are Leveraged
          7. 14.2.8.7 Some Advantages of Network Function Virtualization
          8. 14.2.8.8 Virtualization and Containerization Compared and Contrasted
      3. 14.3 Research methodology
        1. 14.3.1 Presentation of the Methodology
          1. 14.3.1.1 Research Approach and Philosophy
          2. 14.3.1.2 Research Design and Methods
        2. 14.3.2 Population and Sampling
          1. 14.3.2.1 Population
          2. 14.3.2.2 Sample
        3. 14.3.3 Sources and Types of Data
        4. 14.3.4 Model for Analysis
          1. 14.3.4.1 Big Data
          2. 14.3.4.2 Big Data Analytics
          3. 14.3.4.3 Insights for Action
          4. 14.3.4.4 Predictive Analytics
        5. 14.3.5 Validity and Reliability
        6. 14.3.6 Summary of Research Methodology
        7. 14.3.7 Possible Outcomes
      4. 14.4 Analysis and research outcomes
        1. 14.4.1 Overview
        2. 14.4.2 Support Vector Machine
        3. 14.4.3 KNN Algorithm
        4. 14.4.4 Multilinear Discriminant Analysis (LDA)
        5. 14.4.5 Random Forest Classifier
        6. 14.4.6 Variable Importance
        7. 14.4.7 Model Results
        8. 14.4.8 Classification and Regression Trees (CART)
        9. 14.4.9 Support Vector Machine
        10. 14.4.10 Linear Discriminant Algorithm
        11. 14.4.11 K-Nearest Neighbor
        12. 14.4.12 Random Forest
        13. 14.4.13 Challenges and Future Direction
          1. 14.4.13.1 Model 1: Experimental/Prototype Model
          2. 14.4.13.2 Model 2: Cloud Computing/Outsourcing
          3. 14.4.13.3 Application of Big Data Analytics Models in Cyber Security
          4. 14.4.13.4 Summary of Analysis
      5. 14.5 Conclusion
      6. References
    3. 15 Using ML and DL Algorithms for Intrusion Detection in the Industrial Internet of Things
      1. 15.1 Introduction
      2. 15.2 IDS applications
        1. 15.2.1 Random Forest Classifier
        2. 15.2.2 Pearson Correlation Coefficient
        3. 15.2.3 Related Works
      3. 15.3 Use of ML and DL algorithms in IIoT applications
      4. 15.4 Practical application of ML algorithms in IIoT
        1. 15.4.1 Results
      5. 15.5 Conclusion
      6. References
  12. Part IV Applications
    1. 16 On Detecting Interest Flooding Attacks in Named Data Networking (NDN)–based IoT Searches
      1. 16.1 Introduction
      2. 16.2 Preliminaries
        1. 16.2.1 Named Data Networking (NDN)
        2. 16.2.2 Internet of Things Search Engine (IoTSE)
        3. 16.2.3 Machine Learning (ML)
      3. 16.3 Machine learning assisted for NDN-based IFA detection in IoTSE
        1. 16.3.1 Attack Model
        2. 16.3.2 Attack Scale
        3. 16.3.3 Attack Scenarios
        4. 16.3.4 Machine Learning (ML) Detection Models
      4. 16.4 Performance evaluation
        1. 16.4.1 Methodology
        2. 16.4.2 IFA Performance
          1. 16.4.2.1 Simple Tree Topology (Small Scale)
          2. 16.4.2.2 Rocketfuel ISP like Topology (Large Scale)
        3. 16.4.3 Data Processing for Detection
        4. 16.4.4 Detection Results
          1. 16.4.4.1 ML Detection Performance in Simple Tree Topology
          2. 16.4.4.2 ML Detection in Rocketfuel ISP Topology
      5. 16.5 Discussion
      6. 16.6 Related works
      7. 16.7 Final remarks
      8. Acknowledgment
      9. References
    2. 17 Attack on Fraud Detection Systems in Online Banking Using Generative Adversarial Networks
      1. 17.1 Introduction
        1. 17.1.1 Problem of Fraud Detection in Banking
        2. 17.1.2 Fraud Detection and Prevention System
      2. 17.2 Experiment description
        1. 17.2.1 Research Goal
        2. 17.2.2 Empirical Data
        3. 17.2.3 Attack Scenario
      3. 17.3 Generator and discrimination model
        1. 17.3.1 Model Construction
          1. 17.3.1.1 Imitation Fraud Detection System Model
          2. 17.3.1.2 Generator Models
        2. 17.3.2 Evaluation of Models
      4. 17.4 Final conclusions and recommendations
      5. Notes
      6. References
    3. 18 Artificial Intelligence-assisted Security Analysis of Smart Healthcare Systems
      1. 18.1 Introduction
      2. 18.2 Smart healthcare system (SHS)
        1. 18.2.1 Formal Modeling of SHS
        2. 18.2.2 Machine Learning (ML)–based Patient Status Classification Module (PSCM) in SHS
          1. 18.2.2.1 Decision Tree (DT)
          2. 18.2.2.2 Logistic Regression (LR)
          3. 18.2.2.3 Neural Network (NN)
        3. 18.2.3 Hyperparameter Optimization of PSCM in SHS
          1. 18.2.3.1 Whale Optimization (WO)
          2. 18.2.3.2 Grey Wolf Optimization (GWO)
          3. 18.2.3.3 Firefly Optimization (FO)
          4. 18.2.3.4 Evaluation Results
      3. 18.3 Formal attack modeling of SHS
        1. 18.3.1 Attacks in SHS
        2. 18.3.2 Attacker’s Knowledge
        3. 18.3.3 Attacker’s Capability
        4. 18.3.4 Attacker’s Accessibility
        5. 18.3.5 Attacker’s Goal
      4. 18.4 Anomaly detection models (ADMs) in SHS
        1. 18.4.1 ML-based Anomaly Detection Model (ADM) in SHS
          1. 18.4.1.1 Density-based Spatial Clustering of Applications with Noise (DBSCAN)
          2. 18.4.1.2 K-means
          3. 18.4.1.3 One-class SVM (OCSVM)
          4. 18.4.1.4 Autoencoder (AE)
        2. 18.4.2 Ensemble-based ADMs in SHS
          1. 18.4.2.1 Data Collection and Preprocessing
          2. 18.4.2.2 Model Training
          3. 18.4.2.3 Threshold Calculation
          4. 18.4.2.4 Anomaly Detection
          5. 18.4.2.5 Example Case Studies
          6. 18.4.2.6 Evaluation Result
          7. 18.4.2.7 Hyperparameter Optimization of ADMs in SHS
      5. 18.5 Formal attack analysis of smart healthcare systems
        1. 18.5.1 Example Case Studies
        2. 18.5.2 Performance with Respect to Attacker Capability
        3. 18.5.3 Frequency of Sensors in the Attack Vectors
        4. 18.5.4 Scalability Analysis
      6. 18.6 Resiliency analysis of smart healthcare system
      7. 18.7 Conclusion and future works
      8. References
    4. 19 A User-centric Focus for Detecting Phishing Emails
      1. 19.1 Introduction
      2. 19.2 Background and related work
        1. 19.2.1 Behavioral Models Related to Phishing Susceptibility
        2. 19.2.2 User-centric Antiphishing Measures
        3. 19.2.3 Technical Antiphishing Measures
        4. 19.2.4 Research Gap
      3. 19.3 The dataset
      4. 19.4 Understanding the decision behavior of machine learning models
        1. 19.4.1 Interpreter for Machine Learning Algorithms
        2. 19.4.2 Local Interpretable Model-Agnostic Explanations (LIME)
        3. 19.4.3 Anchor Explanations
          1. 19.4.3.1 Share of Emails in the Data for Which the Rule Holds
      5. 19.5 Designing the artifact
        1. 19.5.1 Background
        2. 19.5.2 Identifying Suspected Phishing Attempts
        3. 19.5.3 Cues in Phishing Emails
        4. 19.5.4 Extracting Cues
        5. 19.5.5 Examples of the Application of XAI for Extracting Cues and Phrases
      6. 19.6 Conclusion and future works
        1. 19.6.1 Completion of the Artifact
      7. Notes
      8. References

Product information

  • Title: AI, Machine Learning and Deep Learning
  • Author(s): Fei Hu, Xiali Hei
  • Release date: June 2023
  • Publisher(s): CRC Press
  • ISBN: 9781000878899