Machine Learning(ML) can learn and find threat patterns more effectively by analyzing large volume data to detect malware in encrypted traffic, find insider threats, predict suspicious anomalies and behaviors and activities, detect malware, secure and protect data in the cloud and networks. Many machine learning algorithms can be applied in cybersecurity such as unsupervised clustering and supervised classification, and neural network-oriented deep learning algorithms.
Using machine learning to solve cybersecurity problems need to use some related languages, Python is renowned for its concise, readable code and myriad of machine learning algorithm library and became a popular language of machine learning [5]. However, a number of students have trouble configuring the appropriate python environment and retrieve for the dataset on their own computers. Because each student has a different configuration problem, the instructor spends a lot of time helping students solve configuration problems instead of introducing knowledge related to cybersecurity and machine learning. So we propose a novel approach which using container that can help students get rid of the trouble of configuration environment and focus on the application of machine learning in cybersecurity.
In this Getting started learning module, we introduce the docker container. Docker uses operating system-level virtualization to deliver software in packages called containers. These containers are isolated from each other and bind their own libraries, environment and dataset into one image. Running in a container replaces running in a virtual machine because dockerized applications use resources in the host system in a more efficient way than virtual machine.
Our goal is to explore Cybersecurity case study by using docker container. Docker can package everything needed in application into containers which are portable to any system such as Linux and Windows. In this case, we package the implementation of the machine learning algorithm in python, the library we use, and the cybersecurity dataset into one single docker image.
Each module is the following learning modules that will focus on specific ML for a cybersecurity case study with the same hands-on learning environment.