Target Course: CYB 4900-Cybersecurity Capstone Project

Course Instructor: Dr. Shan Reddy

Course Objective:

In the CYB 4900 Cybersecurity Capstone Project, students integrate deep learning with cybersecurity threat intelligence to address the specific challenges posed by Internet-of-Vehicles, particularly in the context of emergency vehicles using synthetic cyber knowledge graphs to represent and analyze cyber threat intelligence and relationships, and they will employ deep learning algorithms such as Autoencoders, RNNs, and CNNs for anomaly detection within this graph data.

Course Competency statement:

The students in the course will become competent to complete the following “task” in the context of the “Threat/Warning Analyst” work role defined in the NICE Workforce Framework.

NICE Framework Task:

T0748 - Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations warning problem sets.

Course Goals/Tasks/Assignments:

Build SCKGs with Frontends.
Create STIX objects and store them.
Generate interconnected threat graphs and visualization.
Implement deep learning algorithms.
Preprocess and format data.
Train and evaluate models for anomaly detection.
Simulate cybersecurity scenarios.
Discuss ethical considerations.

Course Planning:

Week 01-04: Completion of Goals 1, 2, 7
Week 05-08: Completion of Goals 3, 4, 7
Week 09-12: Completion of Goals 5, 6, 7
Week 13-16: Completion of Goals 7, 8

Course Grading Schema:

25%: Create frontend for Identity, Malware, and Threat Actor objects
25%: Generate STIX objects from user input, Finish STIX objects, and store them in the database
15%: Generate/visualize a graph using three STIX objects Identity, Malware, and Threat Actor
25%: Anomaly detection using Deep Learning Algorithms
10%: Project management, final presentations, and report writing.

Course Tools/Packages/Environment:

MITRE ATT&CK
Datasets (Kaggle, UCI ML Repo, DesignSafe, etc)
Synthetic Data Vault
Python 3.8+ (faker, pandas, etc libs)
Oasis STIX2 (generator, validator, visualizer)
Repos-IDEs-HPCs (Omnibond, GitHub, Jupyter, Sagemaker CPUs, ArgonneLabs GPUs, OakRidgeLabs GPUs)

Skills/Knowledge/Abilities:

DBMS
Python
Statistics
Deep learning
Vector Databases
Anomaly detection
Cyber intrusion knowledge

Course Syllabus: In Construction

Course Textbook(s):

Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
Authors: Michael Sikorski and Andrew Honig
https://nostarch.com/malware
Python for Data Analysis
Author: Wes McKinney
https://www.oreilly.com/library/view/python-for-data/9781491957653/
Deep Learning
Authors: Ian Goodfellow, Yoshua Bengio, and Aaron Courville
http://www.deeplearningbook.org/
Python Data Science Handbook
Author: Jake VanderPlas
https://jakevdp.github.io/PythonDataScienceHandbook/
STIX (Structured Threat Information eXpression) Version 2.1.1
OASIS Standard
https://docs.oasis-open.org/cti/stix/v2.1.1/stix-v2.1.1.pdf
TAXII (Trusted Automated Exchange of Indicator Information) Version 2.1.1
OASIS Standard
https://docs.oasis-open.org/cti/taxii/v2.1.1/taxii-v2.1.1.pdf

Course HPC Resources:

Relevant Science Gateways:

Open-source Resources:

Course Implementation Schedule:

Spring 2024
Fall 2024
Spring 2025
Fall 2025

Course Instructor:

Dr. Shan Reddy
Assistant Professor of Computer Science
Director of Cyber Defense Education Center
Program Coordinator of Cybersecurity

Contact Information:

Email: busiredd@uncp.edu
Phone: 910-521-6415
University of North Carolina at Pembroke
1 University Drive
Pembroke, NC 28372

Team: Threat Tracker