Ben’s Book of the Month: Review of “Machine Learning and Security: Protecting Systems with Data and Algorithms”

Machine learning and security are all the rage. With the RSA Conference a little more than 2 weeks away, there will be plenty of firms on the expo floor touting their security solutions based on AI, deep learning, and machine learning. 

In Machine Learning and Security: Protecting Systems with Data and Algorithms (O’Reilly Media, ISBN 978-1491979907), authors Clarence Chio and David Freeman have written a no-nonsense technical and practical guide showing how you can avoid that hype, and truly use machine learning to enhance information security.

After a brief introduction to what machine learning is, the authors write candidly about the limitations of machine learning in security. They note that the notion that machine learning methods will always give good results across different use cases is categorically false. In real-world scenarios there are usually factors to optimize for other than precision, recall, or accuracy.

For those who think that machine learning is the latest information security silver bullet, this book, good as it is, certainly won’t help them. But for those who know the limitations of machine learning, the authors suggest approaching it with equal parts enthusiasm and caution, remembering that not everything can instantly be made better with machine learning.

Machine learning works alongside areas such as pattern recognition and computational statistics, and as such, the book is made for those with a strong background in programming, math, and statistics. Most of the programming samples are in Python.

Current technologies like malware and virus classification, intrusion detection, network protocol analysis, and more are imperfect sciences. The promise of machine learning comes with many challenges. For those who are willing to invest in meeting those challenges, Machine Learning and Security is an indispensable reference.

This is a serious book for those serious about integrating machine learning into the overall information security framework. The reader is expected to know the underlying mathematics and statistics, Python and other languages, and, more importantly, how to integrate these into their security architecture. Titles like Machine Learning For Dummies may provide a good introduction to the topic, but it’s books like this that will take you there.

This is a Security Bloggers Network syndicated blog post authored by Ben Rothke. Read the original post at: RSA Conference Blog