In [1]:

import openai
import os
import IPython
## from langchain.llms import OpenAI
from dotenv import load_dotenv


In [2]:

def set_open_params(
    model="gpt-4o-mini",
    temperature=0.7,
    max_tokens=256,
    top_p=1,
    frequency_penalty=0,
    presence_penalty=0,
):
    """Bundle the chat-completion settings into a plain dict.

    Every keyword argument is stored under a key of the same name, so the
    result can be handed straight to ``get_completion``.

    Returns:
        dict: the six settings keyed by parameter name.
    """
    return {
        'model': model,
        'temperature': temperature,
        'max_tokens': max_tokens,
        'top_p': top_p,
        'frequency_penalty': frequency_penalty,
        'presence_penalty': presence_penalty,
    }

def get_completion(params, messages):
    """Request a chat completion from the OpenAI API and return the raw response.

    Args:
        params (dict): settings as produced by ``set_open_params``; all six
            keys are required (a missing key raises ``KeyError``).
        messages (list): chat messages, forwarded to the API unchanged.

    Returns:
        The response object returned by ``openai.chat.completions.create``.
    """
    # No API key is passed here; credentials are resolved by the openai
    # client itself, so nothing secret needs to appear in the notebook.
    request_keys = (
        'model',
        'temperature',
        'max_tokens',
        'top_p',
        'frequency_penalty',
        'presence_penalty',
    )
    request_kwargs = {key: params[key] for key in request_keys}
    return openai.chat.completions.create(messages=messages, **request_kwargs)


In [3]:

# basic example: a single user turn sent with the default settings
params = set_open_params()

prompt = "The sky is"
messages = [{"role": "user", "content": prompt}]

response = get_completion(params, messages)

# Bare last expression: the notebook displays the full response object
response


ChatCompletion(id='chatcmpl-AgPO89RRiwfxjYJk33f8VpoDFYnC7', choices=[Choice(finish_reason='stop', index=0, logprobs=None, message=ChatCompletionMessage(content='The sky is a vast expanse that often captivates our imagination. It can be a brilliant blue during the day, adorned with fluffy white clouds, or transformed into a stunning palette of oranges and pinks at sunset. At night, it reveals a tapestry of stars, planets, and sometimes the moon, evoking a sense of wonder about the universe. What aspect of the sky are you interested in exploring?', refusal=None, role='assistant', audio=None, function_call=None, tool_calls=None))], created=1734670732, model='gpt-4o-mini-2024-07-18', object='chat.completion', service_tier=None, system_fingerprint='fp_0aa8d3e20b', usage=CompletionUsage(completion_tokens=83, prompt_tokens=10, total_tokens=93, completion_tokens_details=CompletionTokensDetails(accepted_prediction_tokens=0, audio_tokens=0, reasoning_tokens=0, rejected_prediction_tokens=0), prom

In [4]:

# Few-shot prompt: one worked example followed by the question to answer
prompt = """The odd numbers in this group add up to an even number: 4, 8, 9, 15, 12, 2, 1.
A: Adding all the odd numbers (9, 15, 1) gives 25. The answer is False.

The odd numbers in this group add up to an even number: 15, 32, 5, 13, 82, 7, 1. 
A:"""

messages = [{"role": "user", "content": prompt}]

response = get_completion(params, messages)
answer_text = response.choices[0].message.content

# NOTE(review): model output is untrusted text. Markdown rendering in a
# notebook also renders embedded HTML, links and images, so if a prompt ever
# carries third-party content, display the answer with print() instead.
IPython.display.Markdown(answer_text)


Let's identify the odd numbers in the group: 15, 5, 13, 7, and 1. 

Now, let's add them together:

15 + 5 + 13 + 7 + 1 = 41.

Since 41 is an odd number, the statement is False. The odd numbers in this group do not add up to an even number.

In [None]:

import numpy as np
from scipy.stats import entropy

# Example probability distribution over three events (the values sum to 1)
data_distribution = [0.2, 0.5, 0.3]

# Shannon entropy H = -sum(p * log2 p); base=2 reports the result in bits
shannon_entropy = entropy(pk=data_distribution, base=2)
print(f"Shannon Entropy: {shannon_entropy:.4f} bits")



In [None]:

import numpy as np

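# Simulated network traffic data (packet sizes in bytes)
network_traffic = [40, 40, 45, 50, 55, 500, 45, 50, 60, 55]  # Anomalous 500
ANOMALOUS_PACKET_SIZE = 500  # the single injected outlier in network_traffic


def calculate_entropy(data):
    """Return the Shannon entropy, in bits, of the empirical distribution of `data`.

    Each distinct value is treated as one symbol; its probability is its
    relative frequency in `data`.
    """
    _, counts = np.unique(data, return_counts=True)
    probabilities = counts / len(data)
    return -np.sum(probabilities * np.log2(probabilities))


# The outlier sits in the middle of the list, so slicing off the last element
# would leave it in the "normal" sample. Filter it out explicitly instead.
baseline_traffic = [size for size in network_traffic if size != ANOMALOUS_PACKET_SIZE]

entropy_before = calculate_entropy(baseline_traffic)  # Normal traffic only
entropy_after = calculate_entropy(network_traffic)  # With anomaly

# With ten samples a single outlier moves the entropy only modestly; treat the
# difference as an illustration, not as a detection threshold.
print(f"Entropy before anomaly: {entropy_before:.4f}")
print(f"Entropy after anomaly: {entropy_after:.4f}")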



In [None]:

from sklearn.feature_selection import mutual_info_classif
import numpy as np

# Toy dataset: five samples, two binary features, one binary label each
X = np.array([
    [1, 0],
    [0, 1],
    [1, 1],
    [0, 0],
    [1, 0],
])
y = np.array([0, 1, 1, 0, 0])

# One mutual-information estimate per feature column. scikit-learn reports it
# in nats; with only five samples the estimate is illustrative at best.
mi = mutual_info_classif(X, y, discrete_features=True)
print(f"Mutual Information between features and labels: {mi}")



In [None]:

# Probability of each of three keys being chosen (a biased key generator)
key_distribution = [0.7, 0.2, 0.1]

# Shannon entropy of the key choice, in bits.
# NOTE(review): for guessing resistance the relevant figure is min-entropy,
# -log2(max p) (about 0.51 bits here), which is lower than the Shannon value.
key_probs = np.asarray(key_distribution)
key_entropy = -np.sum(key_probs * np.log2(key_probs))
print(f"Entropy of key distribution: {key_entropy:.4f} bits")



In [None]:

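def calculate_file_entropy(file_data):
    """Calculate the Shannon entropy of a byte string, in bits per byte.

    Args:
        file_data: bytes-like object holding the file content.

    Returns:
        Entropy between 0 (every byte identical) and 8 (all 256 byte values
        equally frequent). Empty input yields 0.
    """
    # An empty buffer would otherwise divide 0 by 0 and emit a RuntimeWarning
    if len(file_data) == 0:
        return np.float64(0.0)

    byte_counts = np.bincount(np.frombuffer(file_data, dtype=np.uint8), minlength=256)
    probabilities = byte_counts / len(file_data)
    probabilities = probabilities[probabilities > 0]  # log2(0) is undefined; skip absent byte values
    return -np.sum(probabilities * np.log2(probabilities))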

# Simulated binary file: 1024 bytes drawn uniformly at random. The result
# should land somewhat below the 8 bits/byte maximum because the sample is small.
random_bytes = np.random.randint(0, 256, size=1024, dtype=np.uint8)
file_data = random_bytes.tobytes()

file_entropy = calculate_file_entropy(file_data)
print(f"File Entropy: {file_entropy:.4f} bits")



In [None]:

from scipy.stats import entropy

# Two simulated traffic distributions over the same four categories
normal_traffic = [0.4, 0.3, 0.2, 0.1]
anomalous_traffic = [0.1, 0.3, 0.4, 0.2]

# With a second distribution, scipy's entropy() returns KL(normal || anomalous).
# No base is given, so the value is in nats. KL divergence is asymmetric, and it
# is infinite when the second distribution has a zero where the first does not.
kl_divergence = entropy(pk=normal_traffic, qk=anomalous_traffic)
print(f"KL Divergence: {kl_divergence:.4f}")



In [None]:

import matplotlib.pyplot as plt

# Random integer series; entropy is computed over every 10-sample window
data = np.random.randint(1, 100, 100)
window_size = 10

window_count = len(data) - window_size + 1
entropies = []
for start in range(window_count):
    entropies.append(calculate_entropy(data[start:start + window_size]))

# Plot one entropy value per window position
plt.plot(entropies)
plt.title("Entropy Over Time")
plt.xlabel("Time")
plt.ylabel("Entropy")
plt.show()



In [None]:

# Simulated likelihoods of four cyber threats (the values sum to 1)
threat_probabilities = [0.1, 0.2, 0.4, 0.3]

# Shannon entropy in bits: how uncertain we are about which threat occurs
threat_probs = np.asarray(threat_probabilities)
risk_entropy = -np.sum(threat_probs * np.log2(threat_probs))
print(f"Risk Entropy: {risk_entropy:.4f} bits")



In [None]:

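# Simulated impact scores for cyber threats, one per entry of threat_probabilities
threat_impacts = [0.8, 0.5, 0.9, 0.6]

# zip() silently truncates to the shorter list. threat_probabilities is
# reassigned elsewhere in this notebook with a different length, so fail loudly
# if the kernel currently holds a list that does not line up with the impacts.
if len(threat_probabilities) != len(threat_impacts):
    raise ValueError("threat_probabilities and threat_impacts must have the same length")

# Expected risk = likelihood x impact for each threat
expected_risks = [p * i for p, i in zip(threat_probabilities, threat_impacts)]

# Select the threat with the highest expected risk (index into the lists above)
highest_risk_index = np.argmax(expected_risks)
print(f"Threat with highest expected risk: {highest_risk_index}")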



In [None]:

# Simulated class probabilities from a model on a clean and on a perturbed input
original_distribution = [0.7, 0.2, 0.1]
adversarial_distribution = [0.4, 0.4, 0.2]

# KL(original || adversarial) in nats: how far the perturbed prediction has
# drifted from the clean one. A monitor can track this as a drift signal.
kl_div = entropy(pk=original_distribution, qk=adversarial_distribution)
print(f"KL Divergence between original and adversarial: {kl_div:.4f}")



In [None]:

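# Quantum entropy calculation (von Neumann entropy)
def quantum_entropy(density_matrix):
    """Calculate the von Neumann entropy, in bits, of a density matrix.

    Args:
        density_matrix: square Hermitian array. A valid density matrix is
            also positive semi-definite with unit trace (not checked here).

    Returns:
        Real-valued entropy -sum(lambda * log2(lambda)) over the positive
        eigenvalues.
    """
    # eigvalsh is the Hermitian solver: it always returns real eigenvalues,
    # whereas eigvals yields a complex result for complex Hermitian input.
    eigenvalues = np.linalg.eigvalsh(density_matrix)
    eigenvalues = eigenvalues[eigenvalues > 0]  # 0 * log2(0) is taken as 0
    return -np.sum(eigenvalues * np.log2(eigenvalues))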

# Example density matrix: a fixed (not random) real symmetric 2x2 matrix with
# unit trace
density_matrix = np.array([
    [0.5, 0.1],
    [0.1, 0.5],
])
quantum_entropy_value = quantum_entropy(density_matrix)
print(f"Quantum Entropy: {quantum_entropy_value:.4f}")



In [None]:

# Simulated belief over three attack types
attack_probabilities = [0.2, 0.5, 0.3]  # Before detection system
updated_probabilities = [0.1, 0.7, 0.2]  # After detection system

# Uncertainty (Shannon entropy, bits) before and after the detector's evidence
initial_entropy = entropy(pk=attack_probabilities, base=2)
updated_entropy = entropy(pk=updated_probabilities, base=2)

# Reduction in uncertainty. This difference can be negative if the updated
# belief is more spread out than the initial one.
information_gain = initial_entropy - updated_entropy

print(f"Initial Entropy: {initial_entropy:.4f} bits")
print(f"Updated Entropy: {updated_entropy:.4f} bits")
print(f"Information Gain: {information_gain:.4f} bits")



In [None]:

# Simulated probabilities of three data-exposure scenarios (the values sum to 1)
exposure_probabilities = [0.6, 0.3, 0.1]

# Shannon entropy in bits: uncertainty about which exposure scenario applies
exposure_probs = np.asarray(exposure_probabilities)
exposure_entropy = -np.sum(exposure_probs * np.log2(exposure_probs))
print(f"Data Exposure Entropy: {exposure_entropy:.4f} bits")



In [None]:

import numpy as np

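# Adding Laplace noise for differential privacy
def add_laplace_noise(value, sensitivity, epsilon):
    """Add Laplace noise to a value for differential privacy.

    Args:
        value: the true numeric result of the query.
        sensitivity: the most the result can change when one record changes;
            must be non-negative.
        epsilon: privacy budget; must be positive. Smaller means more noise.

    Returns:
        ``value`` plus one draw from Laplace(0, sensitivity / epsilon).

    Raises:
        ValueError: if ``epsilon`` is not positive or ``sensitivity`` is negative.
    """
    # A zero or negative budget has no meaning and would otherwise surface as
    # a division error or an invalid scale inside NumPy.
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    if sensitivity < 0:
        raise ValueError("sensitivity must be non-negative")

    # NOTE(review): np.random is not a cryptographically secure generator, and
    # plain floating-point Laplace sampling is known to weaken the formal
    # guarantee. Fine for a demonstration; use a vetted differential-privacy
    # library for real releases.
    scale = sensitivity / epsilon
    return value + np.random.laplace(0, scale)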

# Query result to protect and the privacy parameters
original_value = 100  # e.g., a count of events
sensitivity = 1  # one record changes a count by at most 1
epsilon = 0.5  # privacy budget; the noise scale is sensitivity / epsilon = 2

noisy_value = add_laplace_noise(original_value, sensitivity, epsilon)

# The noise is unseeded, so the noisy value differs on every run
print(f"Original Value: {original_value}")
print(f"Noisy Value (Differential Privacy): {noisy_value}")



In [None]:

from sklearn.metrics import mutual_info_score

# Two simulated traffic patterns: category labels observed at the same six time steps
traffic_pattern_1 = [1, 2, 1, 2, 3, 1]
traffic_pattern_2 = [2, 2, 1, 2, 3, 2]

# Mutual information between the two label sequences. scikit-learn reports it
# in nats; 0 would mean the patterns are statistically independent.
mi_score = mutual_info_score(traffic_pattern_1, traffic_pattern_2)
print(f"Mutual Information between traffic patterns: {mi_score:.4f}")



In [None]:

# Simulated event probabilities (one Dirichlet draw, sums to 1) and anomaly scores in [0, 1)
probabilities = np.random.dirichlet(np.ones(5), size=1)[0]
anomaly_scores = np.random.uniform(0, 1, size=5)

# Composite metric: each probability weighted by its anomaly score.
# No entropy term is computed in this cell.
composite_metric = []
for p, s in zip(probabilities, anomaly_scores):
    composite_metric.append(p * s)

print("Composite Metric for Threat Detection:")
print(composite_metric)



In [None]:

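# Joint distribution of two events
joint_distribution = np.array([
    [0.1, 0.2],  # P(X=0, Y=0) and P(X=0, Y=1)
    [0.3, 0.4]   # P(X=1, Y=0) and P(X=1, Y=1)
])

# Joint entropy H(X, Y) = -sum p(x, y) * log2 p(x, y), in bits.
# Boolean indexing flattens the array, so the same mask must be applied to
# both factors; multiplying the full 2x2 array by the flattened selection
# raises a broadcasting error.
nonzero_cells = joint_distribution[joint_distribution > 0]
joint_entropy = -np.sum(nonzero_cells * np.log2(nonzero_cells))
print(f"Joint Entropy: {joint_entropy:.4f} bits")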



In [None]:

# P(X|Y) = P(X and Y) / P(Y)
# Columns of joint_distribution index Y, so summing over rows gives P(Y)
marginal_y = joint_distribution.sum(axis=0)

# Dividing by marginal_y broadcasts across columns, giving P(X=x | Y=y) per cell
conditional_probabilities = joint_distribution / marginal_y

# H(X|Y) = -sum p(x, y) * log2 p(x | y). A zero cell would produce NaN here.
conditional_entropy = -np.sum(joint_distribution * np.log2(conditional_probabilities))

print(f"Conditional Entropy H(X|Y): {conditional_entropy:.4f} bits")



In [None]:

# Simulated traffic packet counts per second.
# These names are also used for probability lists in another cell of this
# notebook; running this cell replaces those values in the kernel.
normal_traffic = np.random.randint(40, 60, 100)  # Normal range
spike_samples = np.random.randint(500, 600, 5)  # Spike anomaly
anomalous_traffic = np.append(normal_traffic, spike_samples)


# Sliding window entropy detection
def sliding_window_entropy(data, window_size):
    """Return the Shannon entropy (bits) of every length-`window_size` window of `data`.

    Windows advance one sample at a time; the result has
    ``len(data) - window_size + 1`` entries (none if that is not positive).
    """
    def window_entropy(window):
        # Empirical distribution of the distinct values inside this window
        _, counts = np.unique(window, return_counts=True)
        probabilities = counts / len(window)
        return -np.sum(probabilities * np.log2(probabilities))

    last_start = len(data) - window_size
    return [
        window_entropy(data[start:start + window_size])
        for start in range(last_start + 1)
    ]


window_entropies = sliding_window_entropy(anomalous_traffic, window_size=10)
print(f"Window Entropies: {window_entropies[:5]}...")  # Display first few entropies



In [None]:

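# Simulated one-bit cipher: C = P xor K, with the key drawn independently of the plaintext
plaintext_distribution = np.array([0.5, 0.5])  # P(P)
key_distribution = np.array([0.5, 0.5])  # P(K)

# Joint distribution P(P=p, C=c). For C = P xor K the key must be K = p xor c,
# so P(P=p, C=c) = P(P=p) * P(K = p xor c).
joint_plaintext_ciphertext = np.array([
    [plaintext_distribution[p] * key_distribution[p ^ c] for c in (0, 1)]
    for p in (0, 1)
])
ciphertext_distribution = joint_plaintext_ciphertext.sum(axis=0)  # P(C)

# Shannon's perfect secrecy requires the ciphertext to be independent of the
# plaintext: P(P, C) == P(P) * P(C), equivalently P(P | C) == P(P).
# Comparing the marginals P(C) and P(P) is not a valid test: a cipher that
# leaves the plaintext unchanged also has P(C) == P(P) and hides nothing.
perfect_secrecy = np.allclose(
    joint_plaintext_ciphertext,
    np.outer(plaintext_distribution, ciphertext_distribution),
)
print(f"Is the encryption scheme perfectly secret? {perfect_secrecy}")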



In [None]:

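# Simulated packed section. Packers compress or encrypt the payload, so the
# packed bytes look close to uniformly random: HIGH entropy, not low.
# dtype=np.uint8 makes every sample exactly one byte in tobytes().
packed_binary = np.random.randint(0, 256, size=1024, dtype=np.uint8)

# Stored under its own name so scipy.stats.entropy, which other cells call as
# `entropy(...)`, is not overwritten by a float.
binary_entropy = calculate_file_entropy(packed_binary.tobytes())

# Heuristic threshold in bits per byte (the maximum is 8). Values near 7 and
# above are a common packing indicator; tune it on known-good samples.
threshold = 7.0
is_packed = binary_entropy > threshold

# High entropy indicates packed, compressed or encrypted content. It is a
# triage signal for closer inspection, not proof that the file is malicious.
print(f"Entropy: {binary_entropy:.4f}")
print(f"Is the binary packed malware? {is_packed}")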



In [None]:

# Simulated log: the i-th action was performed from the i-th IP address
ip_addresses = ["192.168.1.1", "192.168.1.2", "10.0.0.1", "192.168.1.1", "10.0.0.1"]
actions = ["LOGIN", "LOGOUT", "UPLOAD", "LOGIN", "UPLOAD"]

# Joint probabilities P(IP, Action) from relative frequencies
observed_pairs = list(zip(ip_addresses, actions))
joint_probs = {
    pair: observed_pairs.count(pair) / len(actions)
    for pair in dict.fromkeys(observed_pairs)
}

# Marginal probabilities of IP
marginal_probs = {
    address: ip_addresses.count(address) / len(ip_addresses)
    for address in dict.fromkeys(ip_addresses)
}

# H(Actions|IP) = -sum p(ip, action) * log2(p(ip, action) / p(ip)).
# In this sample every IP performs a single kind of action, so the IP fully
# determines the action.
conditional_entropy = 0
for (ip, action), p_joint in joint_probs.items():
    conditional_entropy -= p_joint * np.log2(p_joint / marginal_probs[ip])

print(f"Conditional Entropy H(Actions|IP): {conditional_entropy:.4f} bits")



In [None]:

import matplotlib.pyplot as plt

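# Simulated probabilities for different threat levels.
# This reassigns threat_probabilities with three entries; another cell in this
# notebook pairs that name with a four-entry impact list.
threat_levels = ["Low", "Medium", "High"]
threat_probabilities = [0.6, 0.3, 0.1]

# Shannon entropy in bits. Kept under its own name so scipy.stats.entropy,
# which other cells call as `entropy(...)`, is not replaced by a float.
threat_entropy = -np.sum([p * np.log2(p) for p in threat_probabilities])

# Bar chart of threat probabilities
plt.bar(threat_levels, threat_probabilities, color='blue')
plt.title(f"Threat Levels (Entropy: {threat_entropy:.4f} bits)")
plt.xlabel("Threat Level")
plt.ylabel("Probability")
plt.show()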



In [None]:

import torch

# Toy stand-in for a model: sums each row of its input
def model(x):
    return x.sum(dim=1)


data = torch.tensor([[1.0, 2.0], [3.0, 4.0]])

# Perturbation: random Gaussian noise scaled by epsilon. It is not guided by
# the model, so this measures sensitivity to small input noise rather than a
# worst-case adversarial change.
epsilon = 0.1
noise = torch.randn_like(data) * epsilon
adversarial_data = data + noise

# Outputs on the clean and on the perturbed input
original_output = model(data)
adversarial_output = model(adversarial_data)

print(f"Original Output: {original_output}")
print(f"Adversarial Output: {adversarial_output}")



In [None]:

# Simulated traffic: 200 random integer samples (unseeded, so each run differs)
traffic = np.random.randint(1, 100, size=200)

# Entropy of every 20-sample window, advancing one sample at a time
entropies = sliding_window_entropy(traffic, window_size=20)

# Plot one entropy value per window position
plt.plot(entropies)
plt.title("Traffic Entropy Over Time")
plt.xlabel("Time")
plt.ylabel("Entropy")
plt.show()



In [None]:


import torch
from transformers import pipeline, AutoModelForSequenceClassification, AutoTokenizer

# Load a pre-trained sentiment analysis model and tokenizer.
# NOTE(review): from_pretrained() resolves the name against the model hub and
# fetches whatever the repository currently serves. To make the notebook
# reproducible and guard against upstream changes, pin a reviewed commit with
# revision="<commit-sha placeholder>" on both calls.
model_name = "distilbert-base-uncased-finetuned-sst-2-english"  # Sentiment Analysis Model
model = AutoModelForSequenceClassification.from_pretrained(model_name)
tokenizer = AutoTokenizer.from_pretrained(model_name)

# Define the original input text
original_text = "I love this product. It's fantastic!"

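# Function to probe a classifier with noisy token embeddings
def generate_adversarial_text(text, model, tokenizer, epsilon=0.01):
    """
    Classify `text` after adding random Gaussian noise to its token embeddings.

    The perturbation is applied in embedding space only and is not guided by
    the model, so this is a noise-robustness check. The token ids are never
    modified: the returned text is the tokenizer's decoding of the original
    input, not a rewritten sentence.

    Args:
        text (str): Original input text.
        model: Hugging Face model.
        tokenizer: Hugging Face tokenizer.
        epsilon (float): Magnitude of perturbation.

    Returns:
        tuple[str, int]: the decoded (unmodified) input tokens and the class
        index predicted from the perturbed embeddings.
    """
    # Tokenize input and convert to tensors
    inputs = tokenizer(text, return_tensors="pt", padding=True, truncation=True)
    input_ids = inputs["input_ids"]
    attention_mask = inputs["attention_mask"]

    embedding_layer = model.get_input_embeddings()

    # Inference only: no gradients are needed anywhere below
    with torch.no_grad():
        # Clean embeddings plus scaled Gaussian noise
        original_embeddings = embedding_layer(input_ids)
        perturbation = epsilon * torch.randn_like(original_embeddings)
        adversarial_embeddings = original_embeddings + perturbation

        # While registered, the hook swaps the embedding layer's output for
        # the perturbed tensor
        def forward_hook(module, input, output):
            return adversarial_embeddings

        hook = embedding_layer.register_forward_hook(forward_hook)

        try:
            outputs = model(input_ids=input_ids, attention_mask=attention_mask)
            predicted_class = torch.argmax(outputs.logits, dim=-1).item()

            # Decode the input ids back to text (for interpretability)
            adversarial_text = tokenizer.decode(input_ids[0])
        finally:
            # Always detach the hook so later calls see the real embeddings
            hook.remove()

    return adversarial_text, predicted_class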

# Run the noisy-embedding probe on the sample sentence
adversarial_text, adversarial_class = generate_adversarial_text(
    original_text, model, tokenizer
)
adversarial_label = "Positive" if adversarial_class == 1 else "Negative"

# Print results. The "adversarial" text is the tokenizer's decoding of the
# unchanged input ids; only the embeddings were perturbed.
print("Original Text:", original_text)
print("Adversarial Text:", adversarial_text)
print("Adversarial Class:", adversarial_label)



In [None]:

1. Introduction
Sections: 1.1. Importance of Cybersecurity in the Modern Era
1.2. Overview of Information Theory
1.3. Role of Information Theory Metrics in Cybersecurity
1.4. Scope and Objectives of the Book
2. Fundamentals of Information Theory
Sections: 2.1. Key Concepts in Information Theory
- Entropy, Joint Entropy, Conditional Entropy
- Mutual Information
- KL Divergence
2.2. Channel Capacity and Noise
2.3. Information Compression and Encoding Basics
2.4. Applications of Information Theory in Real-World Problems
3. Cybersecurity Challenges and Information-Theoretic Perspectives
Sections: 3.1. Key Challenges in Cybersecurity
- Malware Detection
- Network Intrusion Detection
- Data Privacy and Leakage
- Cryptographic Security
3.2. Mapping Cybersecurity Problems to Information Theory Concepts
3.3. Advantages of Using Information Theory Metrics
4. Metrics for Intrusion Detection
Sections: 4.1. Entropy-Based Metrics for Anomaly Detection
4.2. Mutual Information for Identifying Suspicious Network Activities
4.3. KL Divergence for Statistical Anomaly Detection
4.4. Use Cases:
- Detecting Denial-of-Service (DoS) Attacks
- Monitoring Traffic for Botnets
5. Metrics for Data Privacy and Leakage Prevention
Sections: 5.1. Quantifying Data Sensitivity with Entropy
5.2. Shannon’s Theory and Data Leakage Estimation
5.3. Mutual Information for Privacy Preservation
5.4. Case Studies:
- Differential Privacy
- Information Flow Control in Systems
6. Cryptography and Information Theory
Sections: 6.1. Shannon’s Perfect Secrecy
6.2. Information-Theoretic Security vs. Computational Security
6.3. Key Distribution and Capacity
6.4. Evaluating Cryptographic Protocols Using Entropy and Mutual Information
7. Metrics for Malware and Ransomware Analysis
Sections: 7.1. Entropy Analysis of Binary Files
7.2. Mutual Information for Behavior Analysis
7.3. Case Studies:
- Identifying Packed Malware
- Analyzing Ransomware Payloads
8. Network Security and Information Theory
Sections: 8.1. Measuring Network Uncertainty with Entropy
8.2. Mutual Information for Traffic Correlation and Forensics
8.3. Using KL Divergence for Protocol Anomaly Detection
8.4. Practical Applications:
- Securing IoT Networks
- Detecting Advanced Persistent Threats (APTs)
9. Information Theory for Risk Assessment
Sections: 9.1. Quantifying Risk Using Entropy
9.2. Mutual Information for Understanding Attack Impact
9.3. Decision-Making Frameworks Based on Information Metrics
9.4. Examples in Enterprise Security
10. Advanced Topics and Emerging Trends
Sections: 10.1. Information-Theoretic Metrics for AI-Based Cybersecurity
10.2. Adversarial Attacks and Information Theory
10.3. Quantum Information Theory in Cybersecurity
10.4. Future Directions for Research
11. Practical Implementations and Tools
Sections: 11.1. Open-Source Libraries for Information Theory Applications
11.2. Building Metrics with Python
11.3. Case Study: End-to-End Example of Using Information Theory in Cybersecurity
11.4. Challenges and Limitations of Practical Implementations
12. Conclusion and Future Outlook
Sections: 12.1. Recap of Key Concepts and Metrics
12.2. The Evolving Role of Information Theory in Cybersecurity
12.3. Recommendations for Researchers and Practitioners
12.4. Final Thoughts
Appendices
A. Mathematical Foundations of Information Theory
B. Glossary of Terms
C. References and Further Reading
D. Code Snippets and Practical Guides
