Machine Learning to Detect Cyber Threats (Lecturer Note)

In this session, students should learn how machine learning and AI solutions can detect cyber threats. In the previous sessions, they learned security and machine learning concepts, and now they must link these two together and understand the basics of using AI for cyber security. In the next sessions, they will learn the details of developing machine learning models to detect different cyber attacks.

The lecturer should ask each group of students to find a real-world AI solution (e.g., Darktrace, IBM, Microsoft Defender, CrowdStrike), identify its features, work out how it operates, and find a case study. They should explain their findings to the other students.

Next, students should find a research article about developing a machine-learning solution to detect cyber attacks (e.g., ransomware, phishing). They do not need to understand the details, but they should get some idea of the developed model, the algorithms used, and the research’s contribution. They should write a summary and present it to the other students. Encourage the other students to ask questions to understand how machine learning can be used to detect cyber threats.