CISC 850 - Applications of Advanced Analytics to Cybersecurity ("CyberAnalytics")

Professor John Cavazos
Class Time Tuesdays, 6pm-9pm
Room Purnell Hall 227
Office Hours by appointment
Course Number CISC 850
Teaching Assistant: Tristan Vanderbruggen
Lecture   Slides  
2/7 Lecture 1 : Course Overview   Slides Part 1 (PDF) Part 2 (PDF)
2/14 Lecture 2 : Introduction to Machine Learning applied to Cybersecurity   Slides (PDF)
2/21 Lecture 3 : Advanced Machine Learning applied to Cybersecurity   Slides (PDF)
2/28 Lecture 4 : Malware and Static Analysis   Slides (PDF)
3/7 Lecture 5 : Dynamic Analysis of Malware / Cuckoo Demo  Slides (Dynamic Analysis) Slides (Cuckoo Demo)
3/14 Snow Day 
3/28 Paper presentations  Paper:Deep Reinforcement Learning for Dialogue Generation
Slides (PDF)
Paper:A Survey of Visualization Systems for Malware Analysis
Slides (PDF)
Paper:Visualization of Shared System Call Sequence Relationships in Large Malware Corpora
Slides (PDF)
Paper:Multi-aspect visual analytics on large-scale high-dimensional cyber security data
Slides (PDF) Paper:Improving the Efficiency of Dynamic Malware Analysis
Slides (PDF)
4/4 Lecture 6 : Cyber Analytics Service Constraints and Solutions   (Slides)
4/11 Paper presentations  Paper:Visual Analytics for cyber security and intelligence
Slides (PDF)
Paper:On Detection and Visualization Techniques for Cyber Security Situation Awareness
Slides (PDF)
Paper:Automatic Analysis of Malware Behavior using Machine Learning
Slides (PDF)
Paper:Lightweight Structured Visualization of Assembler Control Flow based on Regular Expressions
Slides (PDF)
4/18 Paper presentations  Paper:Malware Analysis Using Visualized Image Matrices
Slides (PDF)
Paper:Improving Malware Classification: Bridging the Static/Dynamic Gap
Slides (PDF)
Paper:MAXS: Scaling Malware Execution with Sequential Multi-Hypothesis Testing
Slides (PDF)
Paper:Use of K-Nearest Neighbor classifier for intrusion detection
Slides (PDF)
4/25 Paper presentations  Paper:Malware analysis using visualized images and entropy graphs
Slides (PDF)
Paper:Visual Analysis of Malware Behavior Using Treemaps and Thread Graphs
Slides (PDF)
Paper:EMBER: A Global Perspective on Extreme Malicious Behavior
Slides (PDF)
Paper:SigMal: A Static Signal Processing Based Malware Triage
Slides (PDF)


Class Resources:

Resources for Presentation
Instructions to Using the cuda.acad system


Most of your grade will come from two projects which will total 75% of your grade. Both projects are mandatory. Plan on checkpointing your project with the instructor (showing your progress) at every class. These checkpoints will be part of your grade. You are not required to stay with the same group for both projects.

General Instructions (everyone should read)
Project Guidelines (everyone should read)
Latex and Word templates to use for Project Report
    Word template
    Latex template
Template for Weekly Status Presentation (everyone should use this)

Specific Project Handouts

        Machine Learning
        Cyber Chatbot
        Visual Analytics

Student Presentation Information

Your presentation should be on a paper pertaining to an application of advanced analytics to cybersecurity.

Note: You should find a paper on a topic related to advanced analytics and cybersecurity. Send me an email with the title of a paper you will present at least a week before you present so that no two people present the same paper!

Template for Talks

You can find advanced analytics and cybersecurity papers at the following locations.

ACM Digital Library (Search for Machine Learning, Big Data, Visualization, etc. and Cybersecurity)
Google Scholar (Search for Machine Learning, Big Data, Visualization, etc. and Cybersecurity)

This course material is Copyright (C) 2015 by John Cavazos and may not be used without prior written permission.