CMPT 982 G1 - Cyber Security Analytics

Cyber attacks pose increasingly frequent, severe and sophisticated threats. The course explores cyber security analytics for advanced cyber situational awareness in responding to the globally evolving cyber threat landscape and focuses on applications of data mining, machine learning and probabilistic modeling for threat intelligence, intrusion detection and response, critical infrastructure protection, cyber risk assessment and mitigation, blockchain technology and more. This is a seminar-style course in which students study, present and discuss selected articles, papers or book chapters. The course starts with an introduction to fundamental cyber security concepts, principles and best practices. (Course Outline)

Office Hours

  • Fridays, 11:00-12:00 (not this week!) Zoom links will be posted here on the day of the office hour.
    Office hours may end after 20 minutes in case of no attendance.

Industry Guest Lecture

  • Cybersecurity: The Skills and Trends of Tomorrow.
    Sean Weiss, Business Development Engineering Manager, Fortinet, Canada (April 10, 13:30)

Recorded Sessions

Reading Materials

Important: Please sign up here to use Microsoft 365 at SFU to obtain access to folders on SFU OneDrive.

Technical Presentation Topics

Register your topic by emailing Ali at Ali Alimohammadi <aaa223@sfu.ca> (first come, first served).

Google Sheet of reserved topics

Machine Learning - ML

(1) Gareth James et al. "An Introduction to Statistical Learning: with Applications in R." Springer, 2017, ISBN 978-1461471370. Description

(2) John D. Kelleher et al. "Fundamentals of Machine Learning for Predictive Data Analytics." The MIT Press, 2020, ISBN 978-0262044691. Description

Adversarial Learning - AL

(1) Shuai Zhou et al. "Adversarial Attacks and Defenses in Deep Learning: From a Perspective of Cybersecurity." ACM Computing Surveys, Vol. 55, No. 8, December 2022.

(2) Michael Brengel and Christian Rossow. "YarIx: Scalable YARA-based Malware Intelligence." In Proceedings of the 30th USENIX Security Symposium, August 2021.

(3) Qi-An Fu et al. "AutoDA: Automated Decision-based Iterative Adversarial Attacks." In Proceedings of the 31st USENIX Security Symposium, August 2022, Boston, MA, USA.

(4) Ren Pang et al. "On the Security Risks of AutoML." In Proceedings of the 31st USENIX Security Symposium, August 2022, Boston, MA, USA.

(5) Yuvraj Patel et al. "Using Trātr to tame Adversarial Synchronization." In Proceedings of the 31st USENIX Security Symposium, August 2022, Boston, MA, USA.

(6) Shawn Shan et al. "Poison Forensics: Traceback of Data Poisoning Attacks in Neural Networks." In Proceedings of the 31st USENIX Security Symposium, August 2022, Boston, MA, USA.

Cyber Security Risk - CSR

(1) Douglas W. Hubbard and Richard Seiersen. "How to Measure Anything in Cybersecurity Risk." John Wiley & Sons, 2016, ISBN 978-1119085294. Description

Industrial Control System Security - ICSS

(1) K. Stouffer et al. "NIST Guide to Industrial Control Systems (ICS) Security." NIST Special Publication 800-82, Revision 2, U.S. Department of Commerce, May 2015.

(2) Amir Rostami et al. "Reliability assessment of cyber-physical power systems considering the impact of predicted cyber vulnerabilities." International Journal of Electrical Power and Energy Systems, Elsevier, December 2022.

Threat Intelligence - TI

(1) Amir Namavar Jahromi et al. "An ensemble deep federated learning cyber-threat hunting model for Industrial Internet of Things." Computer Communications 198 (2023) 108–116. Description

Intrusion Detection - ID

(1) Z. Zohrevand and U. Glässer. "Dynamic Attack Scoring Using Distributed Local Detectors." 2020 IEEE Int'l Conference on Acoustics, Speech and Signal Processing, 2020, pages 2892-2896.

Botnet Detection - BD

(1) Manos Antonakakis et al. "Understanding the Mirai Botnet." In Proceedings of the 26th USENIX Security Symposium, August 2017, Vancouver, BC, Canada.

(2) Saleh Soltan et al. "BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid." In Proceedings of the 31st USENIX Security Symposium, August 2022, Baltimore, MD, USA.

Blockchain Technology - BT

(1) Dylan Yaga et al. "Blockchain Technology Overview." NISTIR 8202, National Institute of Standards and Technology, U.S. Department of Commerce, October 2018, Online: https://doi.org/10.6028/NIST.IR.8202

Additional Topics - AT

Proceedings of 32nd USENIX Security Symposium, August 9–11, 2023, Anaheim, CA, USA

Important Dates

The dates listed below are tentative and may shift depending on actual course progress.

  • FEB 19: Family Day
  • FEB 20-25: Reading Break
  • TBA: Quiz 2
  • MAR 29: Good Friday (no classes)
  • TBA: Quiz 3
  • APR 12: Last day of classes
Updated Thu March 14 2024, 14:28 by glaesser.