The Application of Data Science to Cyber Security (Online Training)

This is an interactive course, with the goal of teaching security professionals how to implement data science techniques in order to obtain valuable insights. This course will encompass various topics including: feature engineering, exploratory data analysis, data visualization, machine learning and probabilistic graphical models. I believe the combination of data science and security allows the security community to move our assumptions, opinions and beliefs into knowledge. This two day course teaches attendees the data science concepts, techniques and processes for analyzing various security datasets.

No previous data science experience is necessary as this course is designed for those who are new to data science. Background understanding programming is very helpful, specifically Python.

This interactive course will teach security professionals how to use data science techniques to quickly manipulate and analyze network and security data and ultimately, uncover valuable insights. You will learn how to read data in common formats and write scripts to analyze and visualize that data. Topics range from data preparation and machine learning to model evaluation, optimization and implementation—at scale.

Write scripts to efficiently read and manipulate CSV, XML, and JSON files Quickly and efficiently parse executables, log files, pcap and extract artifacts from them Make API calls to merge datasets Use the Pandas library to quickly manipulate tabular data Effectively visualize data using Python Pre-process raw security data for machine learning and feature engineering Build, apply and evaluate machine learning algorithms to identify potential threats Automate the process of tuning and optimizing machine learning models Hunt anomalous indicators of compromise and reducing false positives Use supervised learning algorithms such as Random Forests, Naive Bayes, K-Nearest Neighbors (K-NN) and Support Vector Machines (SVM) to classify malicious URLs and identify SQL Injection Apply unsupervised learning algorithms such as K-Means Clustering to detect anomalous

About the Speaker

Imani Palmer

I am a research programmer at the Information Trust Institute. My primary research focus is the abstraction of low-level data into higher-level knowledge. Specifically, I investigate the relationships among computer artifacts. I am also a Ph.D. candidate in the Computer Science Department at the University of Illinois at Urbana-Champaign as a member of Professor Roy Campbell’s research group. I have a profound passion for security and privacy research. My key research focuses on science of security, applied hacking, and security education. My current research focuses on improving the digital forensic analysis process through the application of artificial intelligence, data mining, and graph theory. I am also passionate about educating the future security workforce. I conduct research in building effective security curriculum for K-12 and community college, and undergraduate.