Prof. Federico Cerutti AI, cybersecurity, and reasoning under uncertainty
IT
PhD course

Cyber Threat Intelligence Analysis and how Artificial Intelligence can Support It

Date: 9-20 May 2022

Lecturers: Federico Cerutti

Location: Brescia, Italy, Department of Information Engineering, University of Brescia, Room 45

Original page

When: Mon, May 9th 2022-Fri, May 20th 2022.

  • 09 May 2022: 0900h-1300h
  • 12 May 2022: 1300h-1600h
  • 13 May 2022: 1300h-1600h
  • 16 May 2022: 0900h-1300h
  • 19 May 2022: 1300h-1600h
  • 20 May 2022: 1300h-1600h

Where: Brescia, Italy, Department of Information Engineering, University of Brescia, Room 45.

Who: Federico Cerutti.

Syllabus

  1. Intelligence Analysis and Cyber Threat Intelligence (CTI)
    • Understanding Intelligence.
    • Understanding Cyber Threat Intelligence.
    • Strategical thinking and direction.
    • OWL and ontologies of CTIA.
  2. Fundamentals of Intrusion Analysis
    • Primary Collection Source: Intrusion Analysis.
    • Kill Chain Courses of Action.
    • Handling Multiple Kill Chains.
    • The role of causality in the Kill Chain.
  3. Collection Sources
    • Malware.
    • Network traces.
    • Open Source Intelligence.
    • Machine learning for intelligence analysis.
  4. Analysis and Production of Intelligence
    • Logical Fallacies and Cognitive Biases.
    • Exploring Hypotheses.
    • Different Types of Analysis.
    • Argumentation theory and intelligence analysis.
  5. Dissemination and Attribution
    • Tactical dissemination.
    • Operational dissemination.
    • Strategic dissemination.
    • Natural language generation for intelligence analysis.