Big data for cyber security

The training introduces anomalies and basic anomaly detection methods based on data from cyber-attacks.

Content

  • Data flows:
    • Demonstration of a real data flow: capturing data from cyber-attacks (honeypot); storing the data in a database (Elasticsearch); analysing the data flow; sampling and filtering the data; counting the elements in the flow; estimating the number of elements in the flow.
  • Detection of anomalies:
    • What anomalies (outliers) are; anomaly types; anomaly detection challenges and tasks; anomaly detection methods.
  • Example of data stream processing:
    • Using the Elasticsearch database for exploratory data analysis; implementation of multi-element counting (Python); implementation of unusual-event detection as an example of anomaly detection (Python).

Learning objectives

  • Know the cyber-attack data capture system and how to create a data stream from cyber-attack data.
  • Understand data flows and methods of analysing them, using cyber-attacks as an example.
  • Know what anomalies are and the basic anomaly detection methods that work on data from cyber-attacks.

Target group

Service designers, security analysts, R&D specialists, technical support specialists and consultants.