Prospectus

nl en

Data Mining for Cyber Security

Course
2019-2020

Admission requirements

Admission only after intake, see https://www.csacademy.nl/en/education/master-s-programmes/executive-master-s-programme-cyber-security
Elective in Master’s Programme Cyber Security

Description

The course will provide an overview of data mining and data stream mining techniques and their applications to cyber security. The course teaches you how to go from raw input data to useful results in credit-card fraud detection, real-time detection of attacks and deviations in SCADA systems, and detection of botnet activities in network traffic. Practical work with real data will provide the participants some hands-on experience with applying data mining to real-life problems. Limitations of data mining in cyber security will also be discussed, in particular the ability of adversaries to modify their data and how to deal with this. Privacy issues and solutions to increase the privacy of individuals in a data set will be reviewed.

Course objectives

Participants have:

  • knowledge and understanding of the potentials and pitfalls of using data mining in cyber security

  • knowledge and understanding of the inner workings of data mining solutions for cyber data

  • mining data where the majority of data are benign

  • detecting anomalies

  • mining sequential data

  • real-time data mining from vast data streams

  • learning profiles and fingerprints

  • the ability to correctly apply data mining tools on real-world problems

  • knowledge and understanding of privacy and adversarial aware data mining

Timetable

4 days from 9.30 until 17.00
Friday June 12, 2020
Friday June 19, 2020
Friday June 26, 2020
Friday July 3, 2020

Friday July 10, 2020 exam date

Mode of instruction

Lectures, seminars, exercises, class discussion, lab exercises
Lecturers: Dr. Sicco Verwer (TUD)

Assessment method

Assignment (50%), presentation (10%), written exam (40%)
Only assessments with the weight of 30% and lower are compensable. This means that one does not have to pass an assessment if it weighs 30% or less in order to pass the course, if the average of all assessments combined is at least a 5.5. In addition, assignments weighing up to and including 30% are not re-sitable, meaning that if one failed an assessment of 30% or less one is not allowed to redo it and that assessment must be compensated by the other assessment(s).
The resit will take the same form.

Reading list

Compulsory literature and literature for further consultation will be announced via Blackboard

Registration

No registration is required for lectures and exams.

Contact

Chantal de Groot programme manager

Remarks

See https://www.csacademy.nl/en/education/master-s-programmes/executive-master-s-programme-cyber-security