Skip to Main Content

IS 678-Data Analytics in Cybersecurity

Cyber security is a pervasive problem affecting individuals, organizations, and governments. This is due to the acceptance and adoption of technology in the form of multiple types of non-traditional devices. Thus, cybersecurity has to address challenges emerging in the areas of not only computer networks but also sensor networks, industrial control systems and user devices. One common thread in all these types of devices and end users is data. Increasingly, the focus of cybersecurity is shifting to analyzing data in not only a retrospective manner but also a prospective manner across different segments of cybersecurity domain such as software vulnerabilities , network data from intrusion detection systems, network traffic data, and user roles to name a few. Due to the seamless nature of the internet it has become more important to attribute cyber security events to geographic domains. Thus, data analytics has to go beyond the traditional themes of security and seamlessly weave across several domains including geo spatial data and temporal data. This course is an introduction to data analytics for cybersecurity. The course will look at data from different perspectives such as geospatial, temporal, social network, and sensor networks to assess cyber threats and knowledge about cyber-attacks. The course will provide an introduction to cybersecurity and different aspects of it, study different types of cyber attacks, anomalies and their relationship to cyber threats, introduction to data mining and big data analytics, methods for discovering anomalies, tools for data analytics and anomaly detection, and hands-on exercises for data analysis. The course will include lectures and hands-on analytics tasks.