Big data for cyber security

Learn about the anomalies and basic methods of anomaly detection based on cyber-attacks.

The following topics are included in this course:

  • Data flows: Presentation of a real data flow (capture of data from cyber attacks - honeypot); Storage of data in databases (Elasticsearch); Data flow analysis; Sampling and filtering of data; Counting of elements in a flow; Estimation of the number of elements in a flow
  • Detection of anomalies: What are anomalies or outliers; Types of anomalies; Challenges / tasks of anomaly detection; Methods of detecting anomalies
  • Example of data stream processing: Use of the Elasticsearch database for exploratory data analysis; Implementation of counting various elements (Python); Implementation of unusual event detection as an example of anomaly detection (Python).

Learning objectives:

  • Learn about the system for capturing cyber-attack data and creating a cyber-data stream
  • Understand the data flows and methods for analyzing data flows in the case of cyber attacks
  • Understand the anomalies and basic methods of anomaly detection based on cyber attack data


Status: Closing date exceeded
Duration: 1 day
Tutor: Matej Kren
Location: Fakulteta za elektrotehniko
Tržaška 25
1000 Ljubljana