CYBER SECURITY ANALYTICS
Dr. S KANNIMUTHU,
Professor / CSE Department,
Karpagam College of Engineering,
Coimbatore.
4/17/2021 1
CYBER SECURITYANALYTICS
CYBER SECURITY
• Practice of
– protecting systems
– networks
– and programs from digital attacks
• Cyberattacks are usually aimed at accessing,
changing, or destroying sensitive information;
extorting money from users; or interrupting
normal business processes.
Why Is CS Important?
• In today’s connected world, everyone benefits from
advanced cyberdefense programs.
• At an individual level, a cybersecurity attack can
result in everything from identity theft, to extortion
attempts, to the loss of important data like family
photos.
• Everyone relies on critical infrastructure like power
plants, hospitals, and financial service companies.
• Securing these and other organizations is essential to
keeping our society functioning.
Why Is CS Important? (Contd.)
• Everyone also benefits from the work of cyberthreat
researchers, like the team of 250 threat researchers at
Talos, who investigate new and emerging threats and
cyber attack strategies.
• They reveal new vulnerabilities, educate the public on
the importance of cybersecurity, and strengthen open
source tools. Their work makes the Internet safer for
everyone.
Types of CS Threats
• Ransomware
– is a type of malicious software.
– it is designed to extort money by blocking access to files or
the computer system until the ransom is paid.
– paying the ransom does not guarantee that the files will be
recovered or the system restored.
• Malware
– is a type of software designed to gain unauthorized access
or to cause damage to a computer.
Types of CS Threats (Contd.)
• Social engineering
– is a tactic that adversaries use to trick you into revealing
sensitive information.
– they can solicit a monetary payment or gain access to your
confidential data.
– can be combined with any of the threats mentioned earlier
to make you more likely to click on links, download
malware, or trust a malicious source.
Types of CS Threats (Contd.)
• Phishing
– is the practice of sending fraudulent emails that resemble
emails from reputable sources.
– The aim is to steal sensitive data like credit card numbers
and login information.
– It’s the most common type of cyber attack.
– You can help protect yourself through education or a
technology solution that filters malicious emails.
When Required
• Cyberterrorism
– is the disruptive use of information technology by
terrorist groups to further their ideological or
political agenda.
– This takes the form of attacks on networks,
computer systems and telecommunication
infrastructures.
When Required
• Cyberwarfare
– involves nation-states using information technology to
penetrate another nation’s networks to cause damage or
disruption.
– Cyberwarfare attacks are primarily executed by hackers who are
well-trained in exploiting the intricacies of computer networks,
and operate under the auspices and support of nation-states.
– Rather than “shutting down” a target’s key networks, a
cyberwarfare attack may intrude into networks to compromise
valuable data, degrade communications, impair such
infrastructural services as transportation and medical services,
or interrupt commerce.
When Required
• Cyberespionage
– is the practice of using information technology to obtain
secret information without permission from its owners or
holders.
– Cyberespionage is most often used to gain strategic,
economic, political or military advantage, and is conducted
using cracking techniques and malware.
DATA ANALYTICS
• Data analytics is the science of drawing insights from raw
information sources.
• Many of the techniques and processes of data analytics
have been automated into mechanical processes
and algorithms that work over raw data for human
consumption.
• Data analytics techniques can reveal trends and metrics
that would otherwise be lost in the mass of information.
This information can then be used to optimize processes to
increase the overall efficiency of a business or system.
APPLICATION AREAS
CSA PROBLEMS
• SMS SPAM DETECTION
• CREDIT CARD FRAUD DETECTION
• INTRUSION DETECTION
SMS SPAM DETECTION
• The mobile phone market has experienced a
substantial growth over recent years.
• As the utilization of mobile phone devices
has become commonplace, Short
Message Service (SMS) has grown into a
multi-billion-dollar commercial industry.
SMS SPAM DETECTION
• As the popularity of the platform has
increased, we have seen a surge in the
number of unsolicited commercial
advertisements sent to mobile phones using
text messaging
SMS SPAM DETECTION
• SMS spam is more irritating than email spam,
since in some countries it also imposes
a cost on the receiver.
• These factors, along with the limited availability of
mobile phone spam-filtering software, make
spam detection for text messages an
interesting problem to look into.
SMS SPAM DETECTION
• Hence, we are in a position to implement
models for classifying SMS spam and ham
messages based on message text.
Data Collection
• SMS Spam Collection Data Set available in UCI
Repository
• https://archive.ics.uci.edu/ml/datasets/SMS+Spam+Collection
Screenshot
Data Preprocessing
• Unstructured data is converted into structured
form using TF-IDF vectorization
Machine Learning Approaches
• We can use
– Logistic Regression
– Support Vector Machines
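A minimal sketch of the pipeline named on these slides, TF-IDF vectorization followed by logistic regression, added here as an example and not taken from the presentation. The messages are constructed samples, not rows of the UCI data set, and all function names are illustrative.

```python
import math
import re
from collections import Counter

# Constructed sample messages (not rows of the UCI SMS Spam Collection).
TRAIN = [
    ("spam", "WINNER! You have won a free prize, call now to claim"),
    ("spam", "Free entry in a weekly cash prize draw, text WIN now"),
    ("spam", "Urgent: claim your free cash reward, call this number now"),
    ("spam", "You won a free holiday, text CLAIM to collect your prize"),
    ("ham", "Are we still meeting for lunch today"),
    ("ham", "I will call you when I get home tonight"),
    ("ham", "Can you send me the notes from class today"),
    ("ham", "Running late, see you at the station tonight"),
]

def tokenize(text):
    return re.findall(r"[a-z0-9]+", text.lower())

def fit_idf(docs):
    """Smoothed inverse document frequency for every training token."""
    n = len(docs)
    df = Counter(t for d in docs for t in set(tokenize(d)))
    return {t: math.log((1 + n) / (1 + c)) + 1.0 for t, c in df.items()}

def tfidf(text, idf):
    """Sparse, L2-normalised TF-IDF vector; unseen tokens are dropped."""
    tf = Counter(t for t in tokenize(text) if t in idf)
    vec = {t: c * idf[t] for t, c in tf.items()}
    norm = math.sqrt(sum(v * v for v in vec.values())) or 1.0
    return {t: v / norm for t, v in vec.items()}

def score(x, w, b):
    """Logistic model: probability that vector x is spam."""
    return 1.0 / (1.0 + math.exp(-(b + sum(w.get(t, 0.0) * v for t, v in x.items()))))

def train_logreg(X, y, epochs=300, lr=0.5):
    """Stochastic gradient descent on the log-loss."""
    w, b = {}, 0.0
    for _ in range(epochs):
        for x, label in zip(X, y):
            g = score(x, w, b) - label          # gradient of log-loss w.r.t. logit
            for t, v in x.items():
                w[t] = w.get(t, 0.0) - lr * g * v
            b -= lr * g
    return w, b

def build_classifier(train=TRAIN):
    texts = [m for _, m in train]
    idf = fit_idf(texts)
    X = [tfidf(m, idf) for m in texts]
    y = [1 if label == "spam" else 0 for label, _ in train]
    w, b = train_logreg(X, y)
    return lambda text: score(tfidf(text, idf), w, b)

spam_probability = build_classifier()
```

The IDF table is fitted on the training messages only and reused at prediction time, so the classifier never learns from the text it is asked to judge.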
Credit Card Fraud Detection
• Credit card fraud has emerged as a major
problem in the electronic payment sector.
• From the moment payment systems
came into existence, there have always
been people who find new ways to
access someone’s finances illegally.
Credit Card Fraud Detection
• This has become a major problem in the
modern era, as all transactions can easily
be completed online by only entering your
credit card information.
• Even in the 2010s, many American retail
website users were the victims of online
transaction fraud right before two-step
verification was used for shopping online.
Credit Card Fraud Detection
• Organizations, consumers, banks, and
merchants are put at risk when a data
breach leads to monetary theft and
ultimately the loss of customers’ loyalty
along with the company’s reputation.
Credit Card Fraud Detection
• We are in a position to study data-driven
credit card fraud detection particularities and
several machine learning methods to address
each of its intricate challenges with the goal to
identify fraudulent transactions that have
been issued illegitimately on behalf of the
rightful card owner.
Data Collection
• Credit Card Fraud Detection Data Set available
in UCI Repository
• https://archive.ics.uci.edu/ml/datasets/default+of+credit+card+clients
Screenshot
Attribute Information
Data Preprocessing
• Selecting the Relevant Features
• Replace Missing Values
Machine Learning Approaches
• We can use
– Logistic Regression
– Bayesian Classification
Intrusion Detection
• The rapid advances in the internet and
communication fields have resulted in a
huge increase in the network size and the
corresponding data.
• As a result, many novel attacks are being
generated and have posed challenges for
network security to accurately detect
intrusions.
Intrusion Detection
• Furthermore, the presence of the intruders
with the aim to launch various attacks
within the network cannot be ignored.
• An intrusion detection system (IDS) is one
such tool that prevents the network from
possible intrusions by inspecting the
network traffic, to ensure its confidentiality,
integrity, and availability.
Intrusion Detection
• Despite enormous efforts by the
researchers, IDS still faces challenges in
improving detection accuracy while
reducing false alarm rates and in detecting
novel intrusions.
• Machine Learning can be used to detect
intruders in an effective way.
Data Collection
• Intrusion Detection Data Set available in UCI
Repository
• http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
Screenshot
Attribute Information
Data Preprocessing
• Selecting the Relevant Features
• Replace Missing Values
Machine Learning Approaches
• We can use
– Logistic Regression
– Bayesian Classification
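The preprocessing and Bayesian classification steps listed on the credit card fraud and intrusion detection slides, sketched as an added example that is not part of the presentation. The records are constructed in the style of KDD Cup 99 rows, the choice of three columns (protocol_type, service, src_bytes) is an assumed feature selection, and the function names are illustrative.

```python
import math
from collections import Counter
from statistics import median

# Constructed records: (protocol_type, service, src_bytes, label).
# None marks a missing value that must be replaced before training.
TRAIN = [
    ("tcp", "http", 215, "normal"), ("tcp", "http", 310, "normal"),
    ("tcp", "smtp", None, "normal"), ("udp", "domain_u", 44, "normal"),
    ("tcp", "http", 250, "normal"), ("icmp", "ecr_i", 1032, "attack"),
    ("icmp", "ecr_i", 1032, "attack"), ("icmp", None, 1032, "attack"),
    ("tcp", "private", 0, "attack"), ("tcp", "private", 0, "attack"),
]

def bucket(src_bytes):
    """Discretise byte counts so every feature is categorical."""
    if src_bytes == 0:
        return "zero"
    return "small" if src_bytes < 500 else "large"

def fit_imputer(rows):
    """Replacement values: column mode for categories, median for bytes."""
    fill = [Counter(r[i] for r in rows if r[i] is not None).most_common(1)[0][0]
            for i in range(2)]
    fill.append(median(r[2] for r in rows if r[2] is not None))
    return fill

def prepare(row, fill):
    """Replace missing values with the training-set statistics, then bucket."""
    proto, service, src_bytes = (fill[i] if v is None else v
                                 for i, v in enumerate(row[:3]))
    return (proto, service, bucket(src_bytes))

def train_nb(rows):
    """Categorical naive Bayes: per-class value counts for each feature."""
    fill = fit_imputer(rows)
    priors = Counter(r[3] for r in rows)
    counts = {c: [Counter() for _ in range(3)] for c in priors}
    values = [set() for _ in range(3)]
    for r in rows:
        for i, v in enumerate(prepare(r, fill)):
            counts[r[3]][i][v] += 1
            values[i].add(v)
    return fill, priors, counts, values

def classify(row, model):
    """Return the class with the highest log-posterior (Laplace smoothing)."""
    fill, priors, counts, values = model
    total = sum(priors.values())
    scores = {}
    for c, n in priors.items():
        s = math.log(n / total)
        for i, v in enumerate(prepare(row, fill)):
            s += math.log((counts[c][i][v] + 1) / (n + len(values[i])))
        scores[c] = s
    return max(scores, key=scores.get)

MODEL = train_nb(TRAIN)
```

Records scored later are imputed with the statistics learned from the training rows, so a missing field in live traffic is filled the same way it was during training.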
THANK YOU
Dr. S Kannimuthu
(Department of CSE)
Karpagam College of Engineering
Email: kannimuthu.me@gmail.com
Blog: http://skannimuthu.blogspot.in
Publons Profile: https://publons.com/researcher/1686169/kannimuthu-subramanian/
Google Scholar Profile:
https://scholar.google.co.in/citations?user=eSdX5S0AAAAJ&hl=en
