CSIS 672: Cybersecurity Analytics
The objective of this course is to provide students with the knowledge to apply data analytics to cybersecurity, enabling them to gain insight into an enterprise's security standing and create solutions that mitigate cybersecurity risks. Specifically, this course explores the application of information theory concepts to cybersecurity analytics. Students will learn how entropy, mutual information, and related concepts can be leveraged to detect anomalies, analyze network traffic patterns, and identify potential security threats. The course combines theoretical foundations with practical applications in modern cybersecurity analytics, utilizing the R software.
1. Implement entropy-based anomaly detection systems
2. Design information-theoretic approaches for threat intelligence
3. Design analytic solutions that help mitigate cybersecurity risks
4. Support decision-making in a secure enterprise environment
5. Select the appropriate data analytics tools and techniques to use for gaining insight into cybersecurity data
6. Investigate network intrusions using a variety of data analytics tools and methodologies
7. Design security solutions to improve the security standing of business processes, based on insights gained from data
The syllabus is found here.