{"id":20477143,"url":"https://github.com/mylamour/machine-learning-for-security","last_synced_at":"2025-07-21T21:31:59.612Z","repository":{"id":144404143,"uuid":"101958503","full_name":"mylamour/machine-learning-for-security","owner":"mylamour","description":"machine learning for security ","archived":false,"fork":false,"pushed_at":"2020-03-15T03:55:50.000Z","size":24,"stargazers_count":77,"open_issues_count":0,"forks_count":14,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-05T14:48:40.792Z","etag":null,"topics":["computer-security","machine-learning","paper"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mylamour.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-08-31T04:16:19.000Z","updated_at":"2025-01-20T14:06:55.000Z","dependencies_parsed_at":null,"dependency_job_id":"fd3d2598-56be-4b95-b3e4-6208716bc246","html_url":"https://github.com/mylamour/machine-learning-for-security","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mylamour/machine-learning-for-security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mylamour%2Fmachine-learning-for-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mylamour%2Fmachine-learning-for-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mylamour%2Fmachine-learning-for-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHu
b/repositories/mylamour%2Fmachine-learning-for-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mylamour","download_url":"https://codeload.github.com/mylamour/machine-learning-for-security/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mylamour%2Fmachine-learning-for-security/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266382334,"owners_count":23920685,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-21T11:47:31.412Z","response_time":64,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["computer-security","machine-learning","paper"],"created_at":"2024-11-15T15:25:51.612Z","updated_at":"2025-07-21T21:31:59.586Z","avatar_url":"https://github.com/mylamour.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"### Machine Learning for Computer Security Engineers\n\n## What Is This?\n\nThese are papers I read in the course of my previous work, so I assume you already have basic penetration-testing and machine-learning skills. Machine learning (or deep learning) has many possible applications in security. For example:\n\n![image](https://user-images.githubusercontent.com/12653147/71471144-99e59c80-2809-11ea-9162-dc19879da102.png)\n\n\n\u003e Most of this detection and evasion work is simply text-related processing (whether the text is in memory or in a file), so it can be regarded as an application of NLP to security. You can also see that converting a binary file to a grayscale image can be used to detect malware, so that can be regarded as a transfer of CV techniques. Likewise, the evasion stage may draw on some RL knowledge.\n\n\n\nThe format is as follows:\n\n```bash\n**[No.]** Author. 
\"Title\", [[pdf]](link), year **(description, use case)** Rating :star::star::star::star::star:\n```\n\n---\n\n## Contents\n\n- [What Is This?](#what-is-this)\n- [Main Text](#main-text)\n- [Resources](#resources)\n---\n\n## Main Text\n\n\n### Webshell Detection\n\n**[1]** Ye Zhang, Byron Wallace. \"A Sensitivity Analysis of (and Practitioners' Guide to) Convolutional Neural Networks for Sentence Classification\", [[pdf]](https://arxiv.org/abs/1510.03820v1), 6 Apr 2016 **(text classification, webshell detection)** Rating :star::star::star::star::star:\n\n**[2]** Yoon Kim. \"Convolutional Neural Networks for Sentence Classification\" [[pdf]](https://arxiv.org/abs/1408.5882), 3 Sep 2014 **(text classification; detecting webshells, XSS, etc.)** Rating :star::star::star::star::star:\n\n**[3]** Johannes Dahse. \"Static Detection of Complex Vulnerabilities in Modern PHP Applications\" [[pdf]](https://d-nb.info/1099703417/34), 02 Feb 2016 **(AST, webshell detection)** Rating :star::star::star::star::star:\n\n### DGA Detection\n\n**[1]** Hyrum S. Anderson, Jonathan Woodbridge, Bobby Filar. \"DeepDGA: Adversarially-Tuned Domain Generation and Detection\" [[pdf]](https://arxiv.org/abs/1610.01969), 6 Oct 2016 **(generative adversarial networks, DGA detection)** Rating :star::star::star::star::star:\n\n**[2]** Jonathan Woodbridge, Hyrum S. Anderson, Anjum Ahuja, Daniel Grant. \"Predicting Domain Generation Algorithms with Long Short-Term Memory Networks\" [[pdf]](https://arxiv.org/abs/1611.00791), 2 Nov 2016 **(LSTM, DGA detection)** Rating :star::star::star::star::star:\n\n### Malware Detection\n\n**[1]** \"DeepSign: Deep Learning for Automatic Malware Signature Generation and Classification\" [[pdf]](http://www.covert.io/research-papers/deep-learning-security/DeepSign-%20Deep%20Learning%20for%20Automatic%20Malware%20Signature%20Generation%20and%20Classification.pdf) **(malware signature generation and detection)** Rating :star::star::star::star::star:\n\n**[2]** Hyrum S. Anderson, Anant Kharkar, Bobby Filar. 
\"Evading Machine Learning Malware Detection\" [[pdf]](https://www.blackhat.com/docs/us-17/thursday/us-17-Anderson-Bot-Vs-Bot-Evading-Machine-Learning-Malware-Detection-wp.pdf), 22-27 July 2017 **(evading malware detection)** Rating :star::star::star::star::star:\n\n**[3]** L. Nataraj, S. Karthikeyan, G. Jacob. \"Malware Images: Visualization and Automatic Classification\" [[pdf]](https://vision.ece.ucsb.edu/sites/vision.ece.ucsb.edu/files/publications/nataraj_vizsec_2011_paper.pdf), 2011 **(binary visualization, malware detection)** Rating :star::star::star::star::star:\n\n**[4]** L. Nataraj, Vinod Yegneswaran, Phillip Porras, Jian Zhang. \"A Comparative Assessment of Malware Classification using Binary Texture Analysis and Dynamic Analysis\" [[pdf]](https://vision.ece.ucsb.edu/sites/vision.ece.ucsb.edu/files/publications/aisec17-nataraj.pdf) **(binary visualization, image classification, malware detection)** Rating :star::star::star::star::star:\n\n**[5]** Kolter, Maloof. \"Learning to detect malicious executables in the wild\" [[pdf]](http://machinelearning.wustl.edu/mlpapers/paper_files/KolterM06.pdf), 2004 **(NLP, n-grams of byte codes, static analysis, malware detection)** Rating :star::star::star::star::star:\n\n**[6]** Microsoft. \"Microsoft portable executable and common object file format specification\", [[pdf]](https://adeetc.thothapp.com/classes/SO/1617i/LI41N/workitems/1833/attachment), 2013 **(Microsoft's PE file format specification; essential background knowledge)** Rating :star::star::star::star::star:\n\n**[7]** J. Saxe and K. Berlin. \"Deep neural network based malware detection using two dimensional binary program features. In Malicious and Unwanted Software (MALWARE)\", [[pdf]](https://arxiv.org/pdf/1508.03096.pdf), 3 Sep 2015 **(DNN-based malware detection; can also detect previously unknown malware)** Rating :star::star::star::star::star:\n\n\n### IDS\n\n**[1]** 金波, 林家骏, 王行愚. \"A Review of Intrusion Detection Techniques [J]. 
Journal of East China University of Science and Technology\", 21 09 2017 Rating :star::star::star:\n\n\n### Password\n\n**[1]** Briland Hitaj, Paolo Gasti, Giuseppe Ateniese, Fernando Perez-Cruz. \"PassGAN: A Deep Learning Approach for Password Guessing\", [[pdf]](https://arxiv.org/pdf/1709.00440.pdf), 1 Sep 2017 **(GAN, password cracking)** Rating :star::star::star::star::star:\n\n### Attack\n\n**[1]** Alex Graves, \"Generating Sequences With Recurrent Neural Networks\", [[pdf]](https://arxiv.org/pdf/1308.0850.pdf), 5 Jun 2014 **(essential paper on text generation; RNN; required reading for generating XSS with LSTMs)** Rating :star::star::star::star::star:\n\n**[2]** Hila Peleg, Patrice Godefroid, Rishabh Singh, \"Learn\u0026Fuzz: Machine Learning for Input Fuzzing\", [[pdf]](https://patricegodefroid.github.io/public_psfiles/ase2017.pdf), 2017 **(machine learning and fuzzing)** Rating :star::star::star::star::star:\n\n## Resources\n\n\u003e However many resources you have, they are not much use. With the internet as developed as it is today, finding resources is effortless; with a little thought you can get hold of anything. The key point is that having something and using it are two different things. I did not originally want to list much here, but leaving the section out felt incomplete, since these areas of knowledge complement one another. I was also worried that listing too much would mislead people (as if anyone were actually going to read this). So for now I have picked just a few books to put below.\n\n* [Machine Learning for Cyber Security](https://github.com/wtsxDev/Machine-Learning-for-Cyber-Security)\n* [Jason Trost:Collection of Deep Learning Cyber Security Research Papers](https://medium.com/@jason_trost/collection-of-deep-learning-cyber-security-research-papers-e1f856f71042)\n* [The Definitive Security Data Science and Machine Learning Guide](http://www.covert.io/the-definitive-security-datascience-and-machinelearning-guide/)\n* [CS 259D: Data Mining for Cyber Security](http://web.stanford.edu/class/cs259d/)\n* [The Art of Memory Forensics](https://www.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098)\n* [Practical malware analysis: the hands-on guide to dissecting malicious software](https://vision.ece.ucsb.edu/sites/vision.ece.ucsb.edu/files/publications/aisec17-nataraj.pdf)\n* [Malware Analyst's Cookbook](https://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033)\n* [Linux Firewalls: Enhancing Security with nftables and Beyond (4th 
Edition)](https://www.amazon.com/Linux-Firewalls-Enhancing-Security-nftables/dp/0134000021)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmylamour%2Fmachine-learning-for-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmylamour%2Fmachine-learning-for-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmylamour%2Fmachine-learning-for-security/lists"}