Course - Data Science for Security and Forensics - IMT4133
IMT4133 - Data Science for Security and Forensics
About
Examination arrangement
Examination arrangement: Assignments and Written examination
Grade: Letter grades
Evaluation | Weighting | Duration | Grade deviation | Examination aids |
---|---|---|---|---|
Written examination | 6/10 | 3 hours | E | |
4 major assignments | 4/10 |
Course content
This course serves as an introduction to machine learning, data science, and AI while considering the context of information security and digital investigation. The majority of the learned content focuses on machine learning, its basic principles, and its related practices. Items will be taught through lectures describing the theoretical aspects of machine learning, as well as tutorials that attempt to show more applied work in a hands-on way using Python, Weka, and other tools. Lectures and tutorials will contain the following items. Overview and motivation of machine learning. Basic principles of machine learning such as features, supervised learning (typically classification), unsupervised learning (typically clustering), and regression. Introduction to Use of machine learning tools and programming such as Python, Jupyter Notebook, WEKA, and RapidMiner. Understanding of types of features, how training and testing data should be preprocessed, and cross-validation. Overview of algorithm and data bias. Evaluation metrics to understand the performance of machine learning models. Objective functions and optimization methods (learning as search), including greedy algorithms, gradient descent, and genetic algorithms. Feature selection, feature extraction, and dimensionality reduction. More in depth look at classifiers including K-nearest neighbors, SVM, decision trees, etc. More in depth look at clustering and unsupervised methods including K-means, fuzzy clustering, association rules, etc. Introduction to Artificial Neural Networks, how they are trained, and deep learning. Homework includes tasks of applying machine learning models,
Learning outcome
Knowledge:
-The candidate should know the difference between supervised, unsupervised learning, and an assortment of algorithms associated with the different learning methods. -The candidate should have an understanding of overfitting and underfitting machine learning models, and the causes of these occurrences. -The candidate should have a basic but comprehensive understanding of at least the following categories of machine learning models: decision trees, support vectors machines, artificial neural networks, K nearest neighbors, k-Means clustering, -The candidate should know how to evaluate binary classification models, multiclass classification models, clustering models, and regression models. -The candidates should understand cross-validation. -The candidate should understand different types of features: numeric, categorical, and ordinal. -The candidate should know the difference between filter and wrapper feature selection methods, and some particular methods for each selection methodology. -The candidate should have a good understanding of what are useful features. -The candidate should understand the role of objective (loss) functions, and know multiple methods of optimization, including genetic algorithms and gradient descent. -The candidate should know some methods of dimensionality reduction, including principle component analysis. -The candidate should understand the fundamentals of artificial neural networks, including activation functions, bias, hidden layers, forward propagation, and backpropagation.
Skills:
Some technical skills learned during the course (depending on the students tools of course) are: -How to use WEKA for classification, clustering, feature selection, and feature visualiation. -How to use RapidMiner for classification, data preprocessing, and visualization. -How to use Python to apply machine learning knowledge. -How to use Jupyter Notebook to prototype and prepare data science reports.
General Competence:
By the end of the course, candidates should have a strong foundation of the basics of machine learning methods, be able to apply and evaluate machine learning methods in their programming language of choice (at least on relatively small datasets), capable of understanding some contexts in which machine learning can be applied to information security and digital investigation, and be capable of researching and conducting basic research applying what they have learned. Furthermore, they should understand the limitations or benefits of the different machine learning methods.
Learning methods and activities
-Lectures -Lab work -E-learning -4 major assignments that include theoretical and practical aspects of the topics (graded)
Further on evaluation
Re-sit:
- For the written exam: Ordinary re-sit examination in August. Depending on the number of students the re-sit can be changed to oral exam.
- The major assignments, if passed, need not be re-submitted.
Forms of assessment: -Written exam 3h (60%) -4 major assignments (40% total, 10% each) -The written exam and all major assignments must be passed.
Retake can be carried out for some partial assessments without all partial assessments having to be taken up again.
Specific conditions
Admission to a programme of study is required:
Applied Computer Science (MACS)
Information Security (MIS)
Information Security (MISD)
Information Security (MISEB)
Recommended previous knowledge
BSc level basics in statistics and mathematics, i.e. expected prior-knowledge in understanding basic statistical methods like descriptive statistics, probability and distributions, linear algebra, and beginning calculus (derivation and integration).
Course materials
Books/standards, conference/journal papers and web resources, such as:
- Kononenko, M. Kukar, Machine Learning and Data Mining: Introduction to Principles and Algorithms, Horwood Publishing, Chichester, U.K., 2007, ISBN 1-904275-21-4
Recommended further reading:
- T. Mitchell, Machine Learning, McGraw Hill, 1997.
- Chio, Clarence, and David Freeman. Machine learning and security: Protecting systems with data and algorithms. " O'Reilly Media, Inc.", 2018.
- R.O.Duda, P.E. Hart, and D.G. Stork: Pattern Classification. 2nd edition., Wiley, 2001.
- S. Theodoridis, and K. Koutroumbas. Pattern Recognition, 3rd edition. Academic Press.
Credit reductions
Course code | Reduction | From | To |
---|---|---|---|
IMT4612 | 3.7 | AUTUMN 2017 | |
IMT4632 | 3.7 | AUTUMN 2017 | |
IE500618 | 5.0 | AUTUMN 2023 | |
TDT4173 | 5.0 | AUTUMN 2023 |
No
Version: 1
Credits:
7.5 SP
Study level: Second degree level
Term no.: 1
Teaching semester: SPRING 2025
Language of instruction: English
Location: Gjøvik , Trondheim
- Information Security
Department with academic responsibility
Department of Information Security and Communication Technology
Examination
Examination arrangement: Assignments and Written examination
- Term Status code Evaluation Weighting Examination aids Date Time Examination system Room *
- Spring ORD 4 major assignments 4/10 INSPERA
-
Room Building Number of candidates - Spring ORD Written examination 6/10 E 2025-05-22 09:00 INSPERA
-
Room Building Number of candidates M433-Eksamensrom 4.etg Mustad, Inngang A 15 M438 Eksamensrom 4.etg, Inngang D Mustad, Inngang D 34 A-atriet-2/3 (A-160) Ametyst 19 SL111 orange sone Sluppenvegen 14 15 - Summer UTS Written examination 6/10 E INSPERA
-
Room Building Number of candidates
- * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
For more information regarding registration for examination and examination procedures, see "Innsida - Exams"