41180 Data Analytics in Cybersecurity

Warning: The information on this page is indicative. The subject outline for a particular session, location and mode of offering is the authoritative source of all information about the subject for that offering. Required texts, recommended texts and references in particular are likely to change. Students will be provided with a subject outline once they enrol in the subject.

Subject handbook information prior to 2025 is available in the Archives.

UTS: Information Technology: Computer Science
Credit points: 6 cp

Subject level:

Undergraduate

Result type: Grade and marks

Requisite(s): 48730 Cybersecurity OR 41181 Information Security and Management OR 41182 System Security OR 41084 Fundamentals Studio A

Description

Data Analytics for Cybersecurity combines big data capabilities with threat intelligence to help detect, analyse and alleviate the insider threats, as well as targeted attacks from external bad actors and persistent cyber threats. It includes a number of IT areas, such as statistical methods for identifying patterns in data and making inferences, and other intelligent technologies that derive cybersecurity issues from data. Data Analytics for Cybersecurity introduces learners to the machine learning technologies for cybersecurity and the most common approach to standard process for data analytics. This subejct offers practice in the technologies of data analytics in cybersecurity, identifying security risks, threats and vulnerabilities to the corporate computers and networks.

Subject learning objectives (SLOs)

Upon successful completion of this subject students should be able to:

1.	Apply data analytics to investigate cybersecurity datasets. (D.1)
2.	Detect and analyse cyber‐attacks using data analytics. (D.1)
3.	Synthesise data analytics with other techniques to appropriately set rules for intrusion detection. (D.1)
4.	Clearly communicate process of data analysis and security recommendations to a broad audience. (E.1)

Course intended learning outcomes (CILOs)

This subject also contributes specifically to the development of the following Course Intended Learning Outcomes (CILOs):

Technically Proficient: FEIT graduates apply abstraction, mathematics and discipline fundamentals, software, tools and techniques to evaluate, implement and operate systems. (D.1)
Collaborative and Communicative: FEIT graduates work as an effective member or leader of diverse teams, communicating effectively and operating within cross-disciplinary and cross-cultural contexts in the workplace. (E.1)

Contribution to the development of graduate attributes

Engineers Australia Stage 1 Competencies

This subject contributes to the development of the following Engineers Australia Stage 1 Competencies:

1.3. In-depth understanding of specialist bodies of knowledge within the engineering discipline.
1.4. Discernment of knowledge development and research directions within the engineering discipline.
2.2. Fluent application of engineering techniques, tools and resources.
3.2. Effective oral and written communication in professional and lay domains.
3.4. Professional use and management of information.

Teaching and learning strategies

Students will on average spend 150 hours over the semester undertaking learning and assessment activities for this subject. For on campus students this includes class time as described, designated activities in the practical sessions, assessment tasks, readings and study time. For off campus students the time should be divided between online learning activities, discussion boards, designated activities in the practical sessions, assessment tasks, readings and study time.

Content (topics)

Introduction to data analytics and subject overview
Introduction to python
Project 1: Spam Filtering
Spam Filtering: Text Regression
Spam Filtering: Breaking Codes
Project 2: Intrusion Detection
Intrusion detection: machine Learning for Anomaly Detection
Intrusion detection: machine Learning for Scan Detection
Project 3: Network Intrusion Detection System
Rules in Network Intrusion Detection System I
Rules in Network Intrusion Detection System II
Unit Review

Assessment

Assessment task 1: Project 1: email spam filtering

Intent:	1. through the assessment of student knowledge of standard practice of attacking and securing corporate computer and network systems. 2. through the assessment of evidence of teamwork skills in evaluating and planning testing. 3. through the assessment of student awareness of ethical codes of conduct whilst working in the corporate environment.
Objective(s):	This assessment task addresses the following subject learning objectives (SLOs): 1 and 2 This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs): D.1
Type:	Report
Groupwork:	Group, individually assessed
Weight:	30%
Length:	This is a group task, the planning report should be approximately 2000?2500 words.

Assessment task 2: Project 2: Intrusion detection

Intent:	1. through the assessment of student ability and competence to the intrusion detection. 2. through the assessment of student ability to reflect and critically analyse experimental testing results before making well?informed conclusions. 3. through the assessment of student competence in using analysis techniques to identify type of attacks.
Objective(s):	This assessment task addresses the following subject learning objectives (SLOs): 1, 2 and 3 This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs): D.1
Type:	Project
Groupwork:	Individual
Weight:	30%
Length:	This is an individual assessment task. Students are required to attend a competition in the Kaggle system and ranked by the final performance with a report. The report approximately 2000?2500 words along with exhibits to support findings. This report should consist of: ? overview of the features of given data set ? visualization of data ? comparative analysis of performance of different classification algorithms ? technical findings and discussions of experiment results ? analysis of cyber security implications

Assessment task 3: Project 3: Network Intrusion Detection System

Intent:	1. the assessment can estimate student’s capability to set a real work intrusion detection system. 2. through the assessment of student ability to reflect their security rules setting. 3. through the assessment of student competence in using analysis techniques to identify type of attacks.
Objective(s):	This assessment task addresses the following subject learning objectives (SLOs): 2, 3 and 4 This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs): D.1 and E.1
Type:	Project
Groupwork:	Group, individually assessed
Weight:	40%
Length:	This is a group task. Students are required to write a report. The report approximately 2000?2500 words along with exhibits to support findings. This report should consist of: ? overview of the environment, including defender and attacker ? different type of attacks ? technical findings and discussions of attack and defend results ? rules setting

Minimum requirements

In order to pass the subject, a student must achieve an overall mark of 50% or more.

Other resources

FEIT student resources: https://www.uts.edu.au/current-students/current-students-information-faculty-engineering-and-it/manage-your-course