Course 2019-2020 a.y.

20651 - ARTIFICIAL INTELLIGENCE FOR SECURITY

Cross-institutional study L. Bocconi - Politecnico Milano

Course taught in English
Go to class group/s: 25
CYBER (6 credits - I sem. - OB  |  ING-INF/05)
Course Director:
MARK JAMES CARMAN

Classes: 25 (I sem.)
Instructors:
Class 25: MARK JAMES CARMAN


Mission & Content Summary

MISSION

The use of Artificial Intelligence and in particular machine learning techniques has become prevalent in, and integral to, many cybersecurity applications including threat prediction, detection, and prevention. Understanding the capabilities and limitations of this technology is thus critical for assessing and managing cyber risk within an organization. This course introduces students to the main AI technologies used for classification, clustering and anomaly detection with practical applications in areas including malware analysis, and network security.

CONTENT SUMMARY

This course introduces students to relevant artificial intelligence concepts and the data analysis methods and technologies employed in security related applications. The contents include:

  • The cyber threat landscape
  • Artificial intelligence and machine learning
  • Uses and limitations of machine learning for security
  • Popular classification algorithms (logistic regression, decision trees, etc.)
  • The training of classifiers (data preparation, feature selection, overfitting, evaluation)
  • Clustering and anomaly detection techniques
  • Practical investigation of malware analysis, network security and abuse detection
  • Advanced concepts: building production systems, and adversarial machine learning
  • Open source intelligence tools

Intended Learning Outcomes (ILO)

KNOWLEDGE AND UNDERSTANDING

At the end of the course student will be able to...
  • Discuss the cyber security threat landscape.
  • Describe the artificial intelligence techniques commonly used in cyber security applications, such as classification, clustering and anomaly detection techniques.
  • Explain the capabilities and limitations of machine learning techniques for security applications including the types of threats that can and cannot be handled by them.
  • Discuss practical aspects of training and testing threat detection systems.
  • Reason about future security threats that could result from adversarial machine learning techniques.

APPLYING KNOWLEDGE AND UNDERSTANDING

At the end of the course student will be able to...
  • Decide which artificial intelligence tools are appropriate for dealing with certain security threats to organisations and reason about the level of protection afforded by the tools.
  • Apply classification technology to develop a threat detection system by collecting appropriate training data and training appropriate classifiers.
  • Apply clustering and anomaly detection techniques to identify anomalous behavior in log data.

Teaching methods

  • Face-to-face lectures
  • Exercises (exercises, database, software etc.)
  • Individual assignments

DETAILS

Attendance

Theoretical discussions and practical (programming) exercises will be performed in class, making attendance critical for achieving the desired learning outcomes.


Assessment methods

  Continuous assessment Partial exams General exam
  • Written individual exam (traditional/online)
    x
  • Individual assignment (report, exercise, presentation, project work etc.)
    x

ATTENDING STUDENTS

Assessment for attending students will consist of:

  1. Individual assignments (25% of the final grade)
  2. Written exam (75% of final grade)

NOT ATTENDING STUDENTS

  1. Individual assignments (25% of the final grade, submitted by email)
  2. Written exam (75% of final grade)

Teaching materials


ATTENDING STUDENTS

  • Teaching notes, suggested readings
  • Textbook: Clarence Chio & David Freeman, “Machine Learning & Security: Protecting Systems with Data and Algorithms”,  O’Reilly.

NOT ATTENDING STUDENTS

  • Teaching notes, suggested readings
  • Textbook: Clarence Chio & David Freeman, “Machine Learning & Security: Protecting Systems with Data and Algorithms”,  O’Reilly.
Last change 07/06/2019 12:01