Beginner Machine Learning tutorial (TryHackMe Advent of Cyber Day 14)

00:00

AI is one of the hottest topics in the

00:02

Market at the moment and if you ever

00:04

wanted to learn about AI then this free

00:06

tutorial is for you this is part of the

00:08

Advent of CBA by try hack me which is a

00:11

completely free competition for

00:12

beginners to participate in fun and

00:14

educational challenges I will go through

00:16

the basics of AI and machine learning

00:19

but I will also explain to you how AI

00:21

can be used in cyber security and if

00:23

you're new to the channel I'm un next

00:25

guy and I'll help people learn their

00:26

first cyber security job even if they

00:28

don't have any degree or technical IT

00:30

background I have many videos where I

00:32

show you exactly how to land your first

00:34

cyber security job like this video for

00:36

example but wait a minute it's almost

00:38

Christmas time let's get into it so in

00:41

day 14 of the challenge the CTO has made

00:44

our toy pipeline go wrong that's not

00:46

unusual of CTO by the way by infecting

00:48

elves at key positions in the toy making

00:50

process he has poisoned the pipeline and

00:53

caused the elves to make defective toys

00:55

maxky has started to combat the problem

00:57

by placing control elves in the pipeline

00:59

these elves take measurements of the

01:01

toys to try and narrow down the exact

01:03

location of problematic elves in the

01:05

pipeline by comparing the measurements

01:07

of defective and perfect toys however

01:09

this is an incredibly tedious and

01:10

lengthy process so he's looking to use

01:12

machine learning so in this story the

01:14

CTO has messed up the process of making

01:16

toys and what we want to do is use the

01:19

power of AI and machine learning to try

01:21

and detect which toys are in good

01:23

condition and which toys are defective

01:25

but first things first we need to learn

01:27

the difference between Ai and machine

01:28

learning you see so many people use the

01:30

word AI by mistake because what they

01:32

really are referring to is what we call

01:34

machine learning machine learning is

01:36

essentially a process where we try and

01:38

teach a machine to mimic human

01:40

intelligence for example I want my

01:42

machine to be able to make decisions

01:44

accurately but the problem we face is

01:46

that sometimes we end up using F

01:48

statements for example if we're

01:49

producing toys and we want all the toys

01:52

to be red but one of the toys is blue

01:54

then our machine can detect if the toy

01:56

is blue because that's an easy process

01:57

we can just have an F statement that say

01:59

if the the toy is not thread then the

02:01

toy is defective but unfortunately in

02:03

the real world the problems that we Face

02:05

are a little bit more complicated for

02:07

example in our toys problem here it's

02:09

not just the color but sometimes it's

02:11

the height sometimes it's the weight or

02:13

the dimensions so to effectively solve

02:15

this problem we need to use proper

02:17

machine learning the process of

02:18

analyzing the input and trying to find

02:20

the problem this process and this flow

02:23

of decision we call it an algorithm now

02:25

there are so many different algorithms

02:27

for machine learning which go beyond

02:29

this video but here we will explore

02:31

three types of machine learning

02:32

algorithms so the first one is called

02:34

genetic algorithm this structure

02:36

essentially mimics the process of

02:37

natural selection and evolution it's

02:39

essentially an algorithm based on the

02:41

theory of survival for the Fest fairly

02:43

simplistic idea but it can be

02:45

complicated when we try to implement it

02:47

in real life the second type is called

02:49

particle swarm so this one aims to mimic

02:51

the process of how birds flock in a

02:53

group together at a specific point and

02:55

the third one is called the neural

02:56

network the neural network is by far the

02:59

most popular one in fact this is the one

03:01

that I learned long time ago in

03:02

University and if I'm honest with you I

03:04

forgot most of the stuff that I learned

03:06

because I didn't practice or apply it in

03:08

the real world but today with the AI

03:10

boom I find myself needing to go back to

03:12

those Concepts and learn them again

03:14

which is a lot of fun for me so

03:16

basically neural networks mimic the

03:17

process of how neurons work in our brain

03:19

neural networks try to replicate our

03:22

human brain so we have so many cells and

03:24

neurons in our brain and they receive

03:26

various inputs and they produce outputs

03:28

so this is the basic idea behind neural

03:30

networks and this is the one that we

03:32

will use in our example today and I

03:34

promise you as we go through the example

03:36

it will become a lot easier to learn and

03:38

understand so the neural network much

03:40

like the human brain needs to learn

03:42

before it can make decisions and there

03:43

are many ways to teach neural networks

03:45

how to make decisions in fact so many

03:47

PHD programs are based on specific way

03:50

of teaching neural networks and trying

03:51

to find the efficiency of that way in

03:53

this example here we will be learning

03:55

two methods of training neural networks

03:58

the first one is called supervised

03:59

learning learning and the second one is

04:00

called unsupervised learning the

04:02

supervised learning is where we provide

04:04

the neural network with the information

04:06

that we want it to learn so ideally we

04:08

need to create what we refer to as data

04:10

sets these data sets are essentially

04:12

information that we feed to the neural

04:14

network in order for the neural network

04:16

to be able to make decisions based on

04:17

this data for example if I want to teach

04:19

the newal network about toys my data set

04:22

should include information about what a

04:24

good toy looks like so that when the

04:25

neuron Network sees a toy that doesn't

04:27

look like the good toy then it can tell

04:29

you what it's defective or not the

04:31

second type is called unsupervised

04:32

learning and this one is a little bit

04:34

more complex we basically let the neural

04:36

network try and find interesting things

04:38

so in our toys example instead of

04:40

specifically telling the neural network

04:42

that this is a good toy what we do

04:44

instead is we feeded large amount of

04:46

information about toys in general and

04:48

then we let the neural networks try to

04:50

make correlations and decisions based on

04:52

that data as I said this is a complex

04:54

topic and in the challenge there are

04:56

links that you can follow where you can

04:58

read more about this later on in this

05:00

example that we will go through we will

05:01

use the supervised learning method so as

05:04

you can see in this example our machine

05:06

learning model here consist of three

05:08

layers we have the input layer and then

05:10

we have a hidden layer and we have then

05:12

the output layer so at the moment we

05:13

have a neural network that doesn't have

05:15

any information so the first step is to

05:17

give it some information that

05:19

information is fed to the neural network

05:21

at the input layer so in this example

05:23

you can see that the input layer have

05:25

the height width length color scheme

05:27

make ID and the check ID and at the end

05:29

of that model we have something called

05:31

the output layer this will simply tell

05:33

us whether the toy is defective or not

05:35

but then in the middle we have the

05:37

hidden layer this is where the magic

05:39

happens this is where the math where the

05:41

computation happens this is where the

05:43

neural network tries to make sense of

05:45

the data and the hidden layer itself can

05:47

be composed of so many layers in fact

05:49

the more complicated the calculations

05:51

are the more layers we need now this

05:53

example doesn't go deep into what a no

05:55

is but if I wants to simplify it for you

05:57

a node can be a server it can be a

06:00

laptop it even can be an application

06:02

instance or a thread think of a node is

06:04

like something that does computations so

06:06

the more computational nodes we have the

06:08

more servers we have the more computing

06:10

power we have the more mathematical

06:12

computation we can perform so if we have

06:14

a complex neural network that's doing

06:17

true artificial intelligence we really

06:19

need a lot of computational power and a

06:21

lot of mathematical calculations as well

06:24

now in this example we will zoom in a

06:26

little bit on the hidden layer to see

06:27

how the calculations are performed but

06:29

don't worry it's not complex math it's

06:31

very very basic simplified for you just

06:33

to know enough to understand how neural

06:36

networks actually work we don't just

06:37

take the inputs as they are in fact we

06:39

multiply the inputs by the weight now

06:41

this is important logic we need to

06:43

understand the relationship between the

06:45

height and the weight of the toy this

06:46

will help the neural network understand

06:48

which input contribute more to the

06:50

output than others so for example one

06:52

toy could be a lot taller than other

06:54

toys but once we factor in the weight

06:56

then we can see how much that height is

06:58

actually contributing simil similarly we

06:59

don't just take the output value as it

07:01

is but we take that output value and we

07:04

put it into what we refer to as an

07:05

activation function the purpose of the

07:07

activation function is that we don't

07:09

want the outputs to be just random

07:11

numbers we want these outputs to be

07:13

within one range so we can compare the

07:15

toys to one another so in this example

07:17

we want the output to be a decimal

07:19

number between 0 and 1 or it could be

07:21

between minus1 and 1 now that we have

07:23

some idea of how the neural network

07:25

operates the next step would be to train

07:27

the neural network this means we need

07:29

information to feed into the neural

07:31

network so it can start and make

07:33

decisions for us so the first method

07:35

here is called the feed forward Loop

07:37

this is the simplest form of training so

07:39

essentially the way it works the first

07:41

step is we normalize the input normalize

07:43

the input is what we talked about in the

07:45

previous step which is we multiplies it

07:47

by weight to help the neural network

07:49

decide which inputs are more important

07:51

and then we feed the inputs to our nodes

07:53

in the input layer as you can see in the

07:55

diagram and then we simply get the

07:57

answer so the more data we give to the

07:58

neural netk took the better the decision

08:00

will be because it will know what a

08:02

defective toy looks like but that's only

08:04

half of the equation we have been

08:05

feeding input to the Neal Network now we

08:08

need to do what we refer to as back

08:10

propagation this is where we simply tell

08:12

the neural network whether the answer

08:14

was correct or not and that's how the

08:15

neural network can learn so we will give

08:17

the neural network a certain input and

08:19

then the neural network will come and

08:20

tell you well I think this toy is good

08:22

but then you will look at it and say yes

08:23

it was and then you will look at the

08:25

answer and then you will tell the neural

08:26

network whether the answer was correct

08:28

or not and that's how the neural network

08:30

can be trained to make better decisions

08:33

now the last topic that we need to talk

08:34

about before we go into solving the

08:36

challenge is the information that we

08:38

feed to the neural network which we

08:40

refer to as data sets now the type of

08:43

data that we give to the neural network

08:44

is a huge topic on its own and it's not

08:47

straightforward so as tryck me trying to

08:49

explain it if you were at school and

08:51

your teacher have explained to you that

08:53

1 + 1 = 2 and 2 + 2 = 4 but then in the

08:57

exam you get the question of 3 + 3 now

08:59

we know that the answer is six but you

09:01

can only know that if you understood the

09:03

basic principle of addition if you just

09:06

memorized 1 + 1 = 2 and 2 + 2 = 4 then

09:09

you won't be able to calculate 3 + 3 you

09:12

have to understand the logic behind the

09:14

calculation the same thing applies to

09:16

machine learning we can simply give our

09:18

neural network so much information but

09:20

then the neural network end up

09:21

memorizing all of this information the

09:23

problem is when the neural network faces

09:25

a new problem that it hasn't seen before

09:27

then it can't make a decision so the way

09:29

we train our neuron network is we need

09:31

to train it in such a way that it

09:33

understands the underlying logic it's

09:35

not just cramming and memorizing things

09:37

so the way we fix this problem is that

09:39

we need to know how much information is

09:42

enough otherwise we will end up into

09:44

what we refer to as overtraining this is

09:46

when we give the neur network way too

09:48

much information that it ends up

09:50

memorizing the answers as opposed to

09:52

understanding the logic so to achieve

09:53

that we do something we refer to as

09:56

validation we essentially validate

09:58

whether the neural network has Lear

09:59

enough or not so to perform validation

10:02

we have to split the data set into three

10:04

data sets the first set is called the

10:05

training data this is the information

10:07

that we feed to the neural network but

10:09

then we also need validation data which

10:11

is what we will use to validate whether

10:14

the neural network understood our

10:15

training or not so after each training

10:17

round we need to send the validation

10:19

data through our Network to determine

10:21

the performance if the performance

10:23

starts to decline then we know that

10:24

we're overtraining our neuron Network

10:27

and finally we have testing data this

10:29

data set is simply used to calculate the

10:31

final performance of the network the

10:33

network shouldn't see this data until

10:34

we're completely done with the training

10:36

process so with all of this background

10:38

information now we can proceed to solve

10:40

our Challenge and I promise you the hot

10:42

part is done this challenge is

10:44

straightforward and I'll show you

10:45

exactly how to solve it so we

10:47

essentially have three files one is a

10:49

python script called detector and then

10:51

we have our training data set and we

10:54

have our testing data set we need

10:56

training data set we need validation

10:58

data set and we need testing data set in

11:00

this particular example the training and

11:02

the validation data sets are both in the

11:04

same file so we only have two files for

11:06

Simplicity now what we need to do is we

11:08

need to add some lines of codes to our

11:11

python script but don't be afraid you

11:12

don't actually need to know Python

11:14

Programming or anything because these

11:16

lines of codes are given to you all you

11:18

need to do is you need to start the

11:19

machine in the top right corner and this

11:21

will split our screen in half and then

11:23

we can copy the lines of codes into the

11:25

detector script so as you can see if we

11:27

walk through the codes the first thing

11:29

we do is we import python libraries that

11:31

are needed for our neural network here

11:33

we're using two libraries one is called

11:35

pandas and the other one is called py

11:37

learn for building our neuron Network

11:39

and the next thing is we need to load

11:41

the data set in our case we have two

11:43

Excel files and then once we get the

11:45

input data remember we normalize it so

11:47

in our previous example we had to

11:49

multiply it by the weight but also in

11:51

this example we need to make all the

11:52

inputs numerical so even the color we

11:54

need to just convert it to numbers so

11:56

that we get a simple decimal output

11:58

answer and finally we need to load the

12:00

data everything will be stored in the

12:02

variable we call x and testore x stores

12:05

the testing data for us the next step is

12:07

where you will need to copy some lines

12:08

of code so for our data set remember we

12:11

have one file for both the training and

12:13

the validation so we will split the data

12:15

in this example we will use an 80/20

12:17

split so what I will do I will simply

12:20

copy this line into the script sh I use

12:22

the Vim editor because as I was

12:24

recording it was a little bit slow

12:26

remember you can just use the graphical

12:27

interface you can simp simply double

12:29

click on the script and you can copy and

12:31

paste the line you don't actually need

12:32

to use the vi editor if that's easier

12:34

for you and the next step we need to

12:36

copy these lines to normalize the data

12:38

simply copy paste this line into the

12:40

script and then we need to start the

12:42

training process again all I will do is

12:44

just copy this line into the script then

12:47

we've got our classifier code and our

12:49

validation prediction code as well and

12:51

finally we need to insert a testing

12:53

prediction code as well once you're done

12:55

remember to save the file if you've

12:57

double clicked on the file and you edit

12:59

that just make sure to click save and

13:01

then we will simply run this python

13:02

script so we simply type the command

13:04

Python 3 space and then we type

13:06

detector. py you can copy this line of

13:09

code if it's easy for you and then we

13:10

can watch the magic happen a few moments

13:13

later now when you finish the prediction

13:15

will be saved to a file then we simply

13:17

need to upload the prediction to this

13:19

URL so open this URL within your testing

13:22

machine and then we upload the file so

13:24

let's see if our prediction were

13:26

accurate if our accuracy is above 90%

13:28

person then we will be awarded with the

13:30

flag and here we go winning we got the

13:33

flag I'm not going to lie it feels good

13:35

now when you run it you may not always

13:37

get 90% accuracy and if that happens

13:39

simply run it again and the explanation

13:41

for that is within neural networks there

13:43

is some Randomness built in remember

13:45

they try to mimic a real human brain a

13:48

real neural network so this is a an

13:50

issue to look out for now when it comes

13:52

to cyber security Ai and machine

13:54

learning are not a new topic in fact

13:56

even 5 years ago I was bombarded by by

13:58

vendors telling me how they have this

14:00

sophisticated Ai and machine learning

14:02

built into their products but when I go

14:04

and test them I get extremely

14:06

questionable results it was simply bad

14:09

however today they have gotten a lot

14:11

better now some of the security tools

14:13

that can make use of AI is tools we use

14:15

to detect unusual behavior and this is

14:18

important because neural network can be

14:20

really good at detecting things a lot

14:22

faster than us humans for example if you

14:24

have a malware on your network then the

14:26

traffic will look different than the

14:28

normal traffic so your neural network

14:30

can actually learn what a normal

14:32

day-to-day operation looks like and

14:34

whenever there is something unusual then

14:36

that AI or machine learning can generate

14:38

an alert for you this is extremely

14:40

useful for cyber security professionals

14:42

who work in detecting and responding to

14:44

cyber attacks another thing which is

14:45

also popular in the industry is what we

14:47

refer to as user Behavior analytics for

14:50

example if every day I log into my email

14:53

at 9:00 a.m. from Australia but all of a

14:55

sudden out of the blue my username logs

14:57

into my email email at 3:00 a.m. from

15:00

France this is an unusual behavior

15:02

because machine learning have learned

15:04

and observed my behavior over a very

15:06

long period of time and now it can

15:08

detect if I'm doing something that's

15:09

unusual now notice these are simplistic

15:12

examples but as you've learned in this

15:14

course if you provide really good data

15:16

sets into your machine learning it can

15:17

provide you with fairly accurate

15:19

predictions now the final part of the

15:21

challenge is to answer the questions so

15:23

the first question is what is the other

15:24

term given for artificial intelligence

15:26

this is an easy one machine learning the

15:28

second question is what machine

15:30

learnings aim to mimic the process of

15:32

natural selection it's called genetic

15:34

algorithm we talked about this at the

15:36

beginning of the lesson and then what's

15:38

the name of the learning style that

15:39

makes use of labeled data to train a

15:41

machine learning structure if we scroll

15:43

up this is called supervised learning

15:45

and what's the name of the layer between

15:47

the input and output layers of neural

15:49

network this is the hidden layer this is

15:51

where the magic happens and finally what

15:53

is the name of the process used to

15:55

provide feedback to the newal network on

15:57

how close it prediction was is called

15:59

back propagation this is where we tell

16:00

the network whether the prediction was

16:02

correct or not and finally we need to

16:04

submit the flag that we got so all we

16:06

need to do is copy paste the flag here

16:08

and submit now as I said Ai and machine

16:10

learning are an extremely Hot Topic in

16:12

cyber security and if you're trying to

16:14

land your first cyber security job then

16:16

I have a step by-step road map to take

16:17

you from absolute beginner all the way

16:19

to becoming a cyber security

16:21

professional in this video and I'll see

16:22

you there