Back close

Course Detail

Course Name Data Analytics for Security
Course Code 21SN645
Program M. Tech. in Cyber Security Systems & Networks
Credits 3


Introduction: Introduction to Information Security, Introduction to Data Mining for Information Security

Network Intrusion Detection: Signature-based solutions (Snort, etc), Data-mining-based solutions (supervised and unsupervised); Deep Packet Inspection: Alert aggregation for web security, One-class Multi-classifier systems for packet payload modeling and network intrusion detection , Host Intrusion Detection: Analysis of shell command sequences, system call sequences, and audit trails, Introduction to Insider threats, Masquerader/Impersonator/Insider threat detection strategies, Web Security: Anomaly detection of web-based attacks using web server logs, Anomaly detection in web proxy logs Email: Spam detection, Phishing email detection, phishing website detection Social network security: Detecting compromised accounts, detecting social network spam, Authentication: Anomaly detection of Single Sign On (Kerberos, Active Directory), Detecting Pass-the-Hash and Pass-the-Ticket attacks, Behavioural Biometrics: Active authentication using behavioural and cognitive biometrics, Mouse dynamics analysis for active authentication, touch and swipe pattern analysis for mobile active authentication, Automated correlation: Attack trees, Building attack scenarios from individual alerts, Issues: Privacy issues, Adversarial machine learning: Overview of Multi-classifier systems (MCS), advantages of MCS in security analytics, security of machine learning, Other potential topics: Fraud detection, IoT/Infrastructure security, Mobile/Wireless security, Machine Learning for Security: Challenges in applying machine learning (ML) to security, guidelines for applying ML to security, Current and future trends in security.



1) Daniel Barbara and SushilJajodia, “Applications of Data Mining in Computer Security”, Vol. 6. Springer Science & Business Media, 2002

2) Marcus A. Maloof, “Machine Learning and Data Mining for Computer Security”, Springer Science & Business Media, 2006

3) V RaoVemuri, “Enhancing Computer Security with Smart Technology”, Auerbach Publications, 2005

4) S. Stolfo, S. Bellovin, S. Hershkop, A. Keromytis, S. Sinclair, S. Smith, “Insider Attack and Cyber Security: Beyond the Hacker”, Vol. 39. Springer Science & Business Media, 2008

5) Dhruba K. Bhattacharyya, Jugal K. Kalita, “Network Anomaly Detection: A Machine Learning Perspective”, Crc Press, 2013

6) AnoopSinghal, “Data Warehousing and Data Mining Techniques for Cyber Security”, Vol. 31. Springer Science & Business Media, 2007

7) Markus Jakobsson and ZulfikarRamzan, “Crimeware, Understanding New Attacks and Defenses”, Addison-Wesley Professional, 2008

Course Outcomes

  • CO1: Understanding various data mining techniques for information security (PO3,PSO4)
  • C02: Understand and apply networking intrusion systems for detection of insider threats such as phishing emails, spam emails etc (PO1, PSO1, PSO2
  • CO3: Have an understanding on how to build systems that utilize behavioral biometrics along with mouse dynamics for authentication purposes (PO1, PO2, CO4: Apply machine learning with security (PO3, PSO4)

DISCLAIMER: The appearance of external links on this web site does not constitute endorsement by the School of Biotechnology/Amrita Vishwa Vidyapeetham or the information, products or services contained therein. For other than authorized activities, the Amrita Vishwa Vidyapeetham does not exercise any editorial control over the information you may find at these locations. These links are provided consistent with the stated purpose of this web site.

Admissions Apply Now