Certified AI Cyber Security Specialist

Course Outline

www.globalicttraining.com


Session 1: How AI can transform Cyber-Security for Good?

Unit: 1
Category: How is AI transforming cyber-security for good? (purely information sharing)
Duration: 1 hour
Contents:

A. Emergence of cyber-attacks
  i. Why are cyber-attacks emerging?
  ii. Risks of cyber-attacks (locally and globally)
  iii. History of cyber-attacks (top 10 by far)

B. Approaches to mitigate cyber-attacks
  i. Machine learning techniques to mitigate or isolate cyber-attacks
  ii. Artificial intelligence techniques to mitigate or isolate cyber-attacks

C. Specific examples of cyber-attacks
  i. Cyber-attacks or engineered attacks in the operations of respective fields (financial, engineering, government sectors, etc.)

Unit: 2
Category: Deployment of ML/AI to detect specific cyber-security problems
Duration: 2.5 hours for each detect category
Contents:

A. To detect frauds
  i. Causes of frauds (unbalanced dataset, fake false positives occurrences)
  ii. Hands-on session (inclusive of mathematical theory) to develop deep neural network algorithms to detect credit card frauds (datasets)

B. To detect malware
  i. Causes of malwares (software objects of threats, faults)
  ii. Hands-on session (inclusive of mathematical theory) to develop deep neural network algorithms to classify different types of malware (datasets)

C. To detect intrusion
  i. Causes of intrusions (anomalies in network systems)
  ii. Hands-on session (inclusive of mathematical theory) to develop deep neural network algorithms to detect intrusions (datasets)


Objective of Session 1:

This session (total of 8 hours) aims to teach the fundamental quantitative and qualitative details of deploying machine learning and/or artificial intelligence tools to enhance cyber security in the detection of fraud, malware and intrusions.

Learning Outcomes:

At the end of the session, participants are expected to assimilate the following:

Able to qualitatively explain the causes and emergence of the different types of cyber-attacks and possible approaches to mitigate them

Able to qualitatively explain the causes and emergence of fraud and quantitatively build a suitable deep neural network model to mitigate fraud occurrences

Able to qualitatively explain the causes and emergence of malware and quantitatively build a suitable deep neural network model to mitigate malware occurrences

Able to qualitatively explain the causes and emergence of intrusions and quantitatively build a suitable deep neural network model to mitigate intrusion occurrences

Software tools:

Anaconda Jupyter Notebook for Python (https://www.anaconda.com/distribution/)

Open-source machine learning libraries (Scikit-Learn) (https://scikit-learn.org/stable/)

Open-source deep learning libraries (Keras, TensorFlow) (https://keras.io/; https://www.tensorflow.org/)


Session 2: How AI can transform Cyber-Security for Bad?

Unit: 3
Category: How is AI transforming cyber-security for bad? (purely information sharing)
Duration: 1 hour
Contents:

A. Attacks on machine learning
  i. Types of attacks on machine learning (Evasion, Poisoning, Trojan, Backdooring, Reprogramming, and Inference attacks. Evasion, poisoning and inference)
  ii. More specific attacks types such as adversarial inputs, data poisoning attacks and model stealing techniques

B. Approaches to perform attacks on machine learning
  i. Types of machine learning techniques to perform attacks on machine learning

C. Specific examples of attacks on machine learning
  i. Attacks on machine learning in the operations of the respective fields (financial, engineering, government sectors, etc.)

Unit: 4
Category: Deployment of engineered attacks on machine learning models
Duration: 2.5 hours for each attack category
Contents:

A. Generative Adversarial Networks (GANs)
  i. Usage of GANs to manipulate or corrupt trained models
  ii. Hands-on session (inclusive of mathematical theory) to develop GAN algorithms for image-to-image mapping (synthesized 2D image datasets which map dogs to cats, tigers to cats, etc.)

B. Inference Attacks
  i. Usage of inference attacks (software objects of threats, faults)
  ii. Hands-on session (inclusive of mathematical theory) to develop deep neural network algorithms to build target, shadow and attack models (datasets)

C. Poisoning of datasets
  i. Usage of datasets poisoning (data manipulations)
  ii. Hands-on session (inclusive of mathematical theory) to develop deep neural network algorithms to introduce malicious datasets


Objective of Session 2:

This session (total of 8 hours) aims to teach the fundamental quantitative and qualitative details of deploying machine learning and/or artificial intelligence tools to jeopardize cyber security in the forms of inference attacks, poisoning of datasets and manipulating or corrupting secured models.

Learning Outcomes:

At the end of the session, participants are expected to assimilate the following:

Able to qualitatively explain the causes and emergence of the different types of attacks on machine learning and possible techniques to perform those attacks

Able to qualitatively explain the usage of inference attacks and quantitatively build suitable deep neural network models to perform inference attacks

Able to qualitatively explain the usage of data poisoning and quantitatively build suitable deep neural network models to perform data poisoning acts

Able to qualitatively explain the usage of generative adversarial networks (GANs) and quantitatively build them to corrupt or manipulate secured models

Software tools:

Anaconda Jupyter Notebook for Python (https://www.anaconda.com/distribution/)

Open-source machine learning libraries (Scikit-Learn) (https://scikit-learn.org/stable/)

Open-source deep learning libraries (Keras, TensorFlow) (https://keras.io/; https://www.tensorflow.org/)


Session 3: Applications of AI uses in Security (Engineering facilities)

Unit: 5
Category: Cyber-attacks on water treatment facilities
Duration: 4 hours
Contents:

A. Description of problem statement and objective
  i. Simulation of cyber-attacks on key stages of a simulated water treatment system to disrupt operational flow
  ii. To develop a novel predictive model which can pre-detect cyber-attack scenario a priori by analyzing network data
  iii. Dataset

B. Possible approaches to build novel model
  i. Hands-on session (inclusive of mathematical theory) to develop machine learning algorithms (Support Vector Machines, Random Forest) to pre-detect cyber-attacks
  ii. Hands-on session (inclusive of mathematical theory) to develop deep neural network algorithms (simple fully connected and convolutional neural network) to pre-detect cyber-attacks
  iii. Comparison of the respective predictive accuracy of detection capability derived from the above approaches

Unit: 6
Category: Engineered attacks on water distribution systems
Duration: 4 hours
Contents:

A. Description of problem statement and objective
  i. Simulation of engineered attacks on pipe pressures across the water distribution system of a simulated village town (L-Town), resulting in pipe bursts/leakages
  ii. To develop a novel deep learning model (inclusive of mathematical theory) which can pre-detect engineered-attack scenario a priori by analyzing pressure data
  iii. Dataset

B. Possible approaches to build novel model
  i. Hands-on session (inclusive of mathematical theory) to develop machine learning algorithms (Support Vector Machines, Random Forest) to pre-detect engineered attacks
  ii. Hands-on session (inclusive of mathematical theory) to develop autoencoders via fully connected neural network and convolutional neural network to pre-detect engineered attacks
  iii. Comparison of the respective predictive accuracy of detection capability derived from the above approaches


Objective of Session 3:

This session (total of 8 hours) aims to teach the fundamental quantitative and qualitative details of deploying machine learning and/or artificial intelligence tools to benefit cyber security in real-world applications.

Learning Outcomes:

At the end of the session, participants are expected to assimilate the following:

Able to qualitatively explain the causes of cyber-attacks on water treatment facilities and quantitatively build a suitable machine learning and/or artificial intelligence model to detect and/or mitigate those attacks

Able to qualitatively explain the causes of engineered attacks, via cyber means, on water distribution pipes and quantitatively build a suitable machine learning and/or artificial intelligence model to detect and/or mitigate those attacks

Software tools:

Anaconda Jupyter Notebook for Python (https://www.anaconda.com/distribution/)

Open-source machine learning libraries (Scikit-Learn) (https://scikit-learn.org/stable/)

Open-source deep learning libraries (Keras, TensorFlow) (https://keras.io/; https://www.tensorflow.org/)


Session 4: Applications of AI misuses in Security (Social facilities)

Unit: 7
Category: Engineered attacks on image recognition capability of autonomous vehicles
Duration: 4 hours
Contents:

A. Description of problem statement and objective
  i. Simulation of engineered attacks on common traffic signs to deceive trained virtual brain of autonomous vehicles
  ii. To develop a novel predictive model which can deceive autonomous vehicles with errant traffic signs
  iii. Dataset

B. Possible approaches to build novel model
  i. Hands-on session (inclusive of mathematical theory) to develop deep learning convolutional neural network (CNN) algorithm to build trained model to identify/classify different traffic signs
  ii. Hands-on session (inclusive of mathematical theory) to develop GAN algorithm to deceive trained CNN model
  iii. Comparison of the respective deceiving capability of GAN model to deceive virtual brain of autonomous vehicles by comparing with predictive capability of CNN model

Unit: 8
Category: Engineered attacks on driving operational parameters (via manipulation of datasets)
Duration: 4 hours
Contents:

A. Description of problem statement and objective
  i. Simulation of engineered attacks on operational data of driving vehicles
  ii. To develop a novel deep neural network model (inclusive of mathematical theory) which can simulate engineered attacks on operations of driving vehicles (driving gear, RPM, etc.)
  iii. Dataset

B. Possible approaches to build novel model
  i. Hands-on deep neural network algorithms (inclusive of mathematical theory) to build model which can process the operational parameters of driving vehicles for safety classification
  ii. Leverage on trained model to manipulate operational datasets (via data replacement or data augmentation) to deceive users of driving safety
  iii. Evaluation of effects of manipulated datasets to compromise of safety classification by original trained model


Objective of Session 4:

This session (total of 8 hours) aims to teach the fundamental quantitative and qualitative details of deploying machine learning and/or artificial intelligence tools to jeopardize cyber security in real-world applications.

Learning Outcomes:

At the end of the session, participants are expected to assimilate the following:

Able to qualitatively explain the causes of engineered attacks, via cyber means, on image recognition capabilities of autonomous vehicles and quantitatively build a suitable machine learning and/or artificial intelligence model to perform those attacks

Able to qualitatively explain the causes of engineered attacks, via cyber means, on driving operational parameters of vehicles and quantitatively build a suitable machine learning and/or artificial intelligence model to perform those attacks

Software tools:

Anaconda Jupyter Notebook for Python (https://www.anaconda.com/distribution/)

Open-source machine learning libraries (Scikit-Learn) (https://scikit-learn.org/stable/)

Open-source deep learning libraries (Keras, TensorFlow) (https://keras.io/; https://www.tensorflow.org/)
