Course Outline

Our Courses

Artificial Intelligence / Machine Learning for Information Security

Overview

Artificial Intelligence (AI) and Machine Learning (ML) are increasingly being deployed in information security either as a tool for defence, or as a weapon in cyberattacks. AI/ML are powerful tools in helping organisations minimise the impacts of cybersecurity threats. At the same time, it is imperative that AI/ML systems, including the models and algorithms, be protected against cyber-attacks. This course provides a broad introduction to the deployment of AI/ML for information security and related cybersecurity challenges. It explores various machine learning and data mining solutions to cybersecurity threats and problems. The course will review the vulnerabilities of AI/ML systems, risk mitigation solutions, using AI in cybersecurity defence and defending against AI-aided cyberattacks. This course will introduce participants to open source Machine Learning tools such as Jupyter notebook using packages like scikit-learn. Participants will learn the different algorithms in some of most widely adopted machine learning methods such as supervised learning, unsupervised learning and reinforcement learning.

TARGET AUDIENCE

• Information security/cybersecurity professionals with no background in AI/ML.
• C-suite personnel such as Chief Information Security Officer, Chief Technology Officer, Chief Information Officer without any strong background in AI/ML.
• Business executives who are technically inclined and who typically manages technical projects together with technology specialists.
• Adult learners with some computer knowledge and a keen interest in artificial intelligence, machine learning and cybersecurity.

COURSE OBJECTIVES

This course seeks to equip participants with:

• An overview of concepts, techniques, and applications of AI/ML in the field of information security including understanding machine learning techniques: supervised, unsupervised & reinforcement learning.
• An understanding of how AI/ML is used to respond to cyber threats, how to monitor and ensure AI is safe from cyber hackers or security breaches including understanding generative adversarial networks and their use cases.
• The basics of developing machine learning algorithms and its usage in information security, including understanding of discriminative and generative algorithms as well as the current trends in AI/ML specifically for cybersecurity.
• The knowledge and skills relating to managing the processes and procedures in projects dealing with the deploying AI/ML for information security.

LEARNING OUTCOMES

Upon completion of this course, the learner will be able to work in partnership with an AI specialist (if the learner is not already one), to:

• Evaluate the appropriateness of AI/ML for cybersecurity defence and identify their shortcomings including qualitatively analysing malware and anomaly detection using machine learning.
• Identify security, safety and privacy vulnerabilities of AI systems, including AI-specific cybersecurity risks, and recommend appropriate risk mitigation actions and recognise limitations, if any.
• Analyze various AI-aided attack techniques and recommend appropriate mitigations or compensating controls.
• Keep abreast of new developments in AI/ML information security in order to assess the risks, if any, they pose to their organisation.

Course Duration

2 days at 8 hours per day (total 16 hours)

Pre-requisites

• Foundational cybersecurity and IT knowledge
• Basic programming skills

COURSE OUTLINE

Topic 1: Artificial Intelligence/Machine Learning for Information Security

• Security Principles: Confidentiality, Integrity and Availability
• AI/ML for cybersecurity
  • Use cases of AI/ML applications for cybersecurity
  • Defensive and offensive postures
  • Threat modelling AI systems
  • Harnessing AI for cybersecurity defence
    • Cyber attacker methodology
    • Data gathering techniques
  • AI-powered attacks and corresponding mitigations
    • AI-aided attacks and corresponding mitigation strategies
    • Vulnerabilities and risk mitigation strategies in machine-learning-based AI systems
• Attacks on machine learning systems
  • History of security attacks on AI/Machine Learning
  • Types of Attacks
  • Exploiting vulnerabilities in machine-learning-based AI systems
  • Engineering risk mitigations for ML-based AI systems

Topic 2: Basics of Machine Learning and AI

• What is AI and machine learning
• Types of machine learning
  • Supervised Learning
  • Unsupervised Learning
  • Reinforcement Learning
  • Deep Learning
    • Neural Network
• Types of machine learning algorithms
  • Regression
  • Classification
  • Clustering and Anomaly Detection
• Synthetic Data Generation

Topic 3: Intrusion Detection System

• Overview of Intrusion Detection System (IDS)
• Build a Neural Network Model for IDS
• Train and Evaluate the Model
• Challenges of AI for Security

Topic 4: Application of Machine Learning for Cybersecurity

• How ML is deployed for cybersecurity
  • Anomaly detection¹
  • Intrusion detection and prevention²
  • Malware analysis and detection³
    • Understanding malware
    • From features to classification of malware
    • Demo/hands-on Android Malware Analysis
      • Features
      • Model Selection
  • Phishing detection⁴
• ML techniques deployed to fight cyber attacks
  • Supervised learning: Algorithms (eg random forest and SVM⁵ which can be trained on labeled data to identify specific types of cyber-attacks)
  • Unsupervised learning: Algorithms (clustering and anomaly detection which can identify patterns in data without being specifically trained to do so).
  • Deep learning: Algorithms (eg CNN⁶ and LSTM⁷ which can be trained to identify patterns in data and perform complex decision making, such as identifying malware in a file)
  • Reinforcement learning: Algorithms that can learn to make decisions in dynamic, uncertain environments, such as identifying a zero-day exploit in a network.

Topic 5: Machine Learning in Cybersecurity Exercises

• Installation of Anaconda on Kali Linux⁸ Setup
• Hands on Python
• Data Pre-processing
• Pandas⁹, Keras¹⁰ and TensorFlow¹¹
• Examples of Supervised, unsupervised and deep learning
• Penetration Test with Kali Linux
  • Introduction to Kali Linux
  • Installation and Environment Setup
  • Security Assessment using Kali Linux
  • Penetration Testing Demo

Topic 6: Case Studies

1. Study of an AI-based Intrusion Detection System (IDS) in detecting and preventing cyber attacks
2. Analysis of the use of AI-based malware detection and classification techniques in a real-world scenario
3. Study of the use of AI-based techniques in automating incident response and forensic analysis
4. Examination of the impact of AI-based techniques on network security, including network traffic analysis and anomaly detection
5. Exploration of the use of AI-based techniques for secure and efficient management of cloud-based systems

Delivery of Training

• Seminar style
• Hands on exercise
• Online quizzes

¹ ML algorithms can be trained to identify patterns of normal network and system behavior, and then flag any deviation from that behavior as potentially suspicious.

² ML algorithms can be used to analyze network traffic and identify patterns that are indicative of a cyber attack, such as a brute force login attack.

³ ML algorithms can be used to analyze files and identify patterns that are indicative of malware, such as known malware signatures or suspicious code patterns

⁴ ML algorithms can be used to identify patterns in emails and other communications that are indicative of phishing attempts.

⁵ SVM or Support Vector Machine is a supervised learning algorithm that can be used for classification and regression tasks. The algorithm finds the best boundary or "hyperplane" that separates the data into different classes. Once the boundary is determined, new data can be easily classified by seeing on which side of the boundary it falls. SVM can be used for both linear and non-linear data.

⁶ CNN or Convolutional Neural Network is a type of neural network architecture that is particularly well suited to image and video data. CNNs are designed to automatically and adaptively learn spatial hierarchies of features from input data. It does this by applying convolutional filters to the input data, which scan the data for specific patterns or features. CNNs are used in image classification, object detection, and video analysis.

⁷ LSTM or Long Short-term Memory is a type of Recurrent Neural Network (RNN) architecture. RNNs are neural networks that process sequential data, such as time series data or natural language. LSTMs are particularly useful for processing sequential data because they are able to maintain a "memory" of past information and selectively choose which information to use when making predictions. LSTMs are used in natural language processing, speech recognition, and time series forecasting.

⁸ Kali Linux is a Debian-based distribution that is primarily used for penetration testing, digital forensics, and security auditing. It comes with a wide array of tools for information gathering, vulnerability scanning, and exploitation. In the context of deploying AI/ML for cybersecurity, Kali Linux can be used to perform reconnaissance, vulnerability scanning, and exploit testing on target systems to generate data for training and testing of the AI/ML models.

⁹ Pandas is a Python library for data manipulation and analysis. It provides data structures and data analysis tools for handling and manipulating numerical tables and time series data. In the context of deploying AI/ML for cybersecurity, pandas can be used to clean, manipulate and prepare the data for training and testing of the ML models.

¹⁰ Keras is an open-source neural network library written in Python. It is a high-level API that allows for easy and fast prototyping of deep learning models. It can run on top of TensorFlow, Microsoft Cognitive Toolkit, or Theano. In the context of deploying AI/ML for cybersecurity, Keras can be used to quickly and easily build and test different deep learning models for tasks such as intrusion detection, malware detection, and phishing detection.

¹¹ TensorFlow is an open-source software library for machine learning. It provides a set of tools for building, training, and deploying machine learning models, including deep neural networks. In the context of AI/ML deployment for cybersecurity, TensorFlow can be used to develop and train machine learning models that can detect and respond to cyber threats, such as malware, phishing attacks, and network intrusions. These models can be integrated into cybersecurity systems to provide real-time threat detection and response capabilities. Additionally, TensorFlow can also be used to analyze large amounts of network and endpoint data to identify patterns and anomalies that may indicate a security incident.

Return to “Our Courses”

AI Ethics and Governance

Design, Develop and Implement Ethical AI Programs and AI and Data Governance Frameworks

Overview

In recent years, the world has seen significant advances in the sophistication and pervasive use of AI. Governments, enterprises and organizations have begun issuing principles, frameworks and recommendations on AI ethics and governance. The rise of a data and AI-driven economy necessitate enterprises, organizations and governments to build new capabilities on data and AI governance among its employees, partners, vendors and any entities that have any dealing in the deployment of AI. This program seeks to provide a practical overview on the process of designing, developing and implementing ethical AI programs as well as AI and data governance frameworks for organizations. It provides real world examples of how AI and data governance frameworks can be developed in practice.

Who should attend

• ICT professionals including data and AI engineer, data analysts, data scientists
• C-suite executives including CEOs, CTOs, CDOs¹², CMOs¹³, CLOs¹⁴, CCOs¹⁵
• Business executives and government officers (including those with non-technical backgrounds)

Learning Outcomes

At the end of this 1-day¹⁶ program, participants will be able to:

1. Design, develop and implement an AI and data governance framework that can readily be deployed in practice;
2. Oversee the execution of a sound AI and data governance program to better manage organizational risks while rolling out AI and data programs and initiatives;
3. Develop key performance indicators for AI and data governance frameworks and programs.

Course Outline¹⁷

This course is divided into 2 parts:

• PART 1: AI ETHICS AND GOVERNANCE
• PART 2: DATA GOVERNANCE

PART 1: AI ETHICS AND GOVERNANCE

AI Ethics and Governance Framework

1. Objectives of deploying AI – why ethical AI matters

AI Ethical Principles

1. Accountability
2. Accuracy
3. Auditability
4. Traceability
5. Explainability
6. Fairness
7. Human centricity and well being
8. Human rights alignment
9. Inclusivity
10. Progressiveness
11. Responsibility, accountability and transparency
12. Robustness and security
13. Sustainability

AI Governance Framework

• Nature of an AI Governance
  • Distinction between data and AI governance framework
  • Data governance as the foundation of AI governance
• AI Governance as part of Corporate Strategy
  • AI governance against the broader Governance, Risk & Compliance context
• Why AI Governance is critical when organizations roll out AI initiatives

Internal Governance Structure and Measures

• Clear role and responsibilities for ethical deployment of AI
• Risk management and internal controls

Level of Human Involvement in AI-augmented Decision Making

• Human-in-the-loop
• Human-out-of-loop
• Human-over-the-loop

Operations Management

• Data preparation
• Algorithm development
• Choose model
  • Data for model development
• Data lineage and provenance record
• Ensuring data quality
• Probability-Severity of Harm Matrix
• Minimizing inherent bias
  • Selection bias
    • Measurement bias
    • Different datasets for training, testing and validation
    • Periodic review and updating of datasets
• Algorithm and Model
  • Repeatability
    • Regular tuning
    • Reproducibility

Stakeholder Interaction and Communication

• General disclosure
• Policy for explanation
• Interacting with consumers
• Option to opt-out
• Communication channels
• Acceptable user policies
• Interacting with other organizations
• Ethical evaluation

Model AI Governance Framework

The need to be:

• Algorithm-agnostic
• Technology-agnostic
• Sector-agnostic
• Scale and Business Model-agnostic

Use Cases and Case Studies in Industry

• Facebook
• Microsoft
• Cujo AI
• Mastercard
• Suade Labs
• Grab
• Pymetrics
• Symphony Ayasdiai
• MSD

PART 2: DATA GOVERNANCE

What is Data Governance

• The Business Context
  • Why Data Governance is becoming more critical for organizations
    • The Business Value of Data Governance – Data governance business case
    • Big picture (vision, mission) – define business value of data governance program
    • Business alignment – identify business benefits & metrics, align data governance with business needs
    • Data monetization
      • Data as corporate asset
  • Risk Management & Data Governance
    • Theft, misuse & data corruption
    • Examples of successful data governance strategies
  • Regulatory Compliance: The Challenges of New Regulations
  • Ethical concerns around data use
• What Data Governance entails
  • Scope of Data Governance & Data Management
  • Policy Framework design and development
    • Determine baseline policy requirements
    • Identify use cases to demonstrate value
  • Holistic approach to data governance
  • Development Methods
    • Federation
    • Core Principles
    • Policies
    • Metrics to measure effectiveness, efficiency
  • Data governance in the cloud
  • Enhancing Trust in Data
  • Classification and access control
  • Data governance versus data enablement and data security
  • Incident handling
  • Data use cases

Elements of Data Governance Framework

• Tools, People and Processes
  • Data classes, data policies, data cataloguing & metadata management
  • User authorization and access management
  • People’s roles & responsibilities
  • People & processes together: Considerations, issues

Data Life Cycle Management

• Phases of Data Life Cycle
  • Data creation, cleaning, processing, structuring, modelling, deployment, storage, usage, archiving & destruction
• Workflow management for data acquisition
  • Data management plan
  • Applying governance over the data life cycle
  • Data assessment and profiling
• Improving Data Quality
  • Lineage tracking, types of lineage
  • Data quality in big data analytics
  • Data quality in AI/ML models
  • Techniques for data quality management
    • Scorecard
    • Prioritization
    • Annotation
    • Profiling
• Cost of data quality issues

Operationalizing Data Governance

• Data governance policy
  • Building internal & external trust
  • Transparency
• Developing policy structure
  • Engagement & buy in – engagement model
  • Strategy
  • Charters, policies and standards
• Data governance delivery framework
• Architecture and design
  • Align and prioritize
  • Identify tools and technology support
  • Operating framework
• Roles and responsibilities
• Step by step guidance

Legal and Compliance: Data Protection & Compliance Requirements

• Personal Data Protection Act
• Cybersecurity Act
• Computer Misuse Act

Monitoring of Data Governance Programs

• Why perform monitoring?
• Data quality monitoring
• Data lineage monitoring
• Program performance monitoring
• Security monitoring
• Compliance monitoring
• Monitoring system
  • Analysis in real time
  • System alerts
  • Notifications
  • Reporting & analytics
  • Customization
  • Monitoring criteria

Building a Culture of Data Privacy & Security

• Data culture – what it is & why it is important
• Leadership – starting at the top & the cascading effects
  • Benefits of data governance to businesses
  • Approaches: low profile, central controlled, agile or traditional
  • Maintaining agility
• Peoples Dimensions
  • Business and technical capabilities needed
  • Roles & responsibilities
  • Team structure & business units
  • Organizational persona and perception
  • Training
  • Communications
• Scaling the data governance process up and down
  • Data value & sustainability

Data Governance in Practice

• Roadmapping (short and long term deployment plans)
• Managing discoverability, security and accountability
• Assessment (information maturity, change capacity, data environment)
• Policy management, simulation, monitoring & change management
• Sustaining Plans
• Operations and changes
  • Rollout plans
  • Technology solutions
• Audit & Compliance
• Case Studies
  • Google Internal Data Governance
  • Microsoft Data Governance Practices

¹² Chief Data Officers

¹³ Chief Marketing Officers

¹⁴ Chief Legal Officers

¹⁵ Chief Compliance Officers

¹⁶ This 1-day course can also be conducted over 2 days where the second day will focus on case studies and practical exercises to apply what has been learnt on Day 1. A typical program is 8 hours per day.

¹⁷ Credit is given to IMDA’s Model Framework for AI Governance (Second Edition) which has been released publicly for adoption by both industry and government. See further: http://go.gov.sg/ai-gov-mf-2

Return to “Our Courses”