Interactive notebooks for learning how to apply machine learning to cybersecurity problems. Runs entirely in the browser via JupyterLite.
Classify Android apps as malware or benign using the Drebin dataset (binary features for permissions, API calls, and class usage).
- Session 1 — Logistic Regression: Baseline binary classifier with ROC curve analysis
- Session 2 — Support Vector Machine: Configurable kernel (linear, poly, rbf, sigmoid), regularization strength, and decision boundary visualization via PCA
Detect DDoS attacks in cloud network traffic using a neural network trained on the BCCC Cloud Packet DDoS 2024 dataset (319 network flow features).
- Uses scikit-learn's `MLPClassifier`
- Students tune: hidden layer sizes, activation function, learning rate, regularization, batch size, and early stopping
- Outputs training loss curve and detailed evaluation metrics (accuracy, precision, recall, F1, F-beta, TPR, FPR, confusion matrix)
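
The evaluation metrics listed above, computed from scratch on a constructed set of 20 flow labels. This is an added example, not code from the project's notebooks; the `evaluate` helper and the sample labels are assumptions made for illustration. It shows why accuracy alone is a weak signal when attack flows are a minority of the traffic.

```python
from collections import Counter

def evaluate(y_true, y_pred, beta=2.0):
    """Binary detection metrics; label 1 = attack flow, 0 = benign flow."""
    c = Counter(zip(y_true, y_pred))
    tp, fn, fp, tn = c[(1, 1)], c[(1, 0)], c[(0, 1)], c[(0, 0)]

    def ratio(num, den):
        # Undefined ratios (no positives predicted, no attacks present) become 0.0.
        return num / den if den else 0.0

    precision = ratio(tp, tp + fp)
    recall = ratio(tp, tp + fn)   # recall and TPR are the same quantity
    b2 = beta * beta              # beta > 1 weights recall above precision
    return {
        "confusion_matrix": [[tn, fp], [fn, tp]],  # rows = true, cols = predicted
        "accuracy": ratio(tp + tn, tp + tn + fp + fn),
        "precision": precision,
        "recall": recall,
        "tpr": recall,
        "fpr": ratio(fp, fp + tn),
        "f1": ratio(2 * precision * recall, precision + recall),
        "fbeta": ratio((1 + b2) * precision * recall, b2 * precision + recall),
    }

# Constructed sample: 20 flows, 4 attacks (1) followed by 16 benign (0).
Y_TRUE = [1, 1, 1, 1] + [0] * 16
# A detector that catches 2 of the 4 attacks and raises 1 false alarm.
Y_PRED = [1, 1, 0, 0] + [1] + [0] * 15
# A degenerate detector that labels every flow benign.
Y_NONE = [0] * 20

if __name__ == "__main__":
    for name, pred in (("detector", Y_PRED), ("all-benign", Y_NONE)):
        m = evaluate(Y_TRUE, pred)
        print(name, {k: round(v, 3) if isinstance(v, float) else v
                     for k, v in m.items()})
```

The all-benign detector still reaches 0.80 accuracy against 0.85 for the real one, while its recall and F-beta are both 0.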
This project is deployed as a JupyterLite site on GitHub Pages:
https://msblei.github.io/ml_in_cysec
Requirements: Firefox 90+ or Chromium 89+
- Arp, D. et al. "Drebin: Effective and explainable detection of android malware in your pocket." NDSS 2014.
- Shafi, M. et al. "Toward generating a new cloud-based Distributed Denial of Service (DDoS) dataset and cloud intrusion traffic characterization." Information 15.4 (2024): 195.