Book Review: Malware Data Science


    • #169299

      [Figure: Neural Network Learning Malware vs Benignware]

      “Malware Data Science: Attack Detection and Attribution” (MDS) is a book every information security professional should consider reading due to the rapid growth and variation of malware and the increasing reliance upon data science to defend information systems. Known malware executables have expanded from 1 million in 2008 to more than 700 million in 2018. Intrusion Detection Systems (IDS) are changing from signature-based systems, as code packing, encryption, dynamic linking and obfuscation point security towards tools applying heuristic methods supported by data science. This article is a summary and a review, but my primary goal is to encourage the reader to read the book and complete the activities. If you do, I am sure that your security toolkit will be better equipped.

      Overview of Malware Data Science

      MDS identifies Data Science as a growing set of algorithmic tools that allow us to understand and make predictions about data using statistics, mathematics, and artful statistical data visualizations. While these terms may imply a difficult read, authors Joshua Saxe (Chief Data Scientist at Sophos) and Hillary Sanders (Infrastructure Data Science Team Lead at Sophos) equip the reader for upcoming concepts well, building upon key concepts with Python code examples and walking through the code to reinforce learning. At points they identify additional resources or refer to prior chapters in a way that both supports the reader and encourages further study.

      The code is downloadable from a site dedicated to MDS. Executing the code as you read helps to learn the concepts. I found working directly with the code itself to be surprisingly encouraging and even fun. Of course, some of the code is malware obtained from VirusTotal or Kaspersky Labs. That code is de-fanged with some flipped bits, but the code should be treated with due care in VirtualBox. The text offers a provisioned VirtualBox download.

      [See the full article at: Book Review: Malware Data Science]
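The review above makes the case that packing and encryption push detection away from byte signatures and towards statistical heuristics. The following is an added example to illustrate that point; it is not code from the book, from the MDS download site, or from the reviewer. Every sample, the "known-bad" signature pattern, and the SHA-256-based toy crypter are constructed here for illustration, so nothing in it is real malware and nothing is taken from VirusTotal or Kaspersky.

```python
"""Added example (not from the book or the EH-Net review): why a byte
signature stops matching once code is packed or encrypted, and how a simple
statistical heuristic (Shannon entropy) still reacts. All samples, the
signature and the toy "crypter" below are constructed; no real malware."""
import hashlib
import math
from collections import Counter

# Constructed stand-in for a known-bad byte pattern a signature engine looks for.
SIGNATURE = b"\xde\xad\xbe\xef\x90\x90\xcc"

# Constructed samples: a low-entropy "benign" buffer and a "malicious" buffer
# that embeds SIGNATURE inside zero padding, as an unpacked binary might.
BENIGN = b"This program cannot be run in DOS mode.\r\n" * 100
MALICIOUS = b"MZ" + b"\x00" * 2000 + SIGNATURE + b"\x00" * 2000


def keystream(seed: bytes, length: int) -> bytes:
    """SHA-256 in counter mode: deterministic, uniformly distributed bytes.
    Used only to imitate a crypter's output; this is not a secure cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def pack(blob: bytes, seed: bytes = b"toy-crypter") -> bytes:
    """Toy crypter: XOR the whole image with a keystream. A real packer adds a
    stub that reverses this at run time; here we only model the static view.
    Applying pack() twice with the same seed restores the original bytes."""
    ks = keystream(seed, len(blob))
    return bytes(b ^ k for b, k in zip(blob, ks))


def signature_hit(blob: bytes) -> bool:
    """Signature-based detection: exact substring match on the file bytes."""
    return SIGNATURE in blob


def shannon_entropy(blob: bytes) -> float:
    """Bits per byte: near 0 for repetitive data, approaching 8 for
    compressed or encrypted data."""
    if not blob:
        return 0.0
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in Counter(blob).values())


def entropy_hit(blob: bytes, threshold: float = 7.0) -> bool:
    """Heuristic detection: flag buffers whose entropy suggests packing.
    The 7.0 bits/byte threshold is an illustrative choice, not a standard."""
    return shannon_entropy(blob) >= threshold


def triage(blob: bytes) -> dict:
    """Run both detectors on one sample and report what each saw."""
    return {
        "signature": signature_hit(blob),
        "entropy": round(shannon_entropy(blob), 2),
        "heuristic": entropy_hit(blob),
    }


def demo() -> dict:
    """Four cases: packing defeats the signature, the entropy heuristic still
    fires, but it also fires on packed benign code, which is why one feature
    on its own is not a classifier."""
    return {
        "benign": triage(BENIGN),
        "malicious": triage(MALICIOUS),
        "malicious_packed": triage(pack(MALICIOUS)),
        "benign_packed": triage(pack(BENIGN)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:17} {result}")
```

The fourth case is the one worth dwelling on: once the benign buffer is run through the same crypter, the entropy check flags it too. A single heuristic trades the packer's evasion for a false-positive problem, which is exactly why the book's approach combines many features (strings, imports, section statistics, behaviour) and lets a trained model weigh them rather than relying on one threshold.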

    • #169317

      This is a link to a security company that is applying some of these security principles, and I believe an example of where the industry is heading.

      • This reply was modified 2 years, 7 months ago by MTGreen.

Copyright ©2021 Caendra, Inc.