Software Engineering Institute

After learning about NetFlow related to cybersecurity, aspiring data scientists can:

• Gain knowledge of common problems that a data scientist encounters
• Become fluent in NetFlow with the help of a scripting language
• Understand NetFlow architecture
• Identify types of attacks with network flow data
• Gain experience with different types of attacks
• Investigate and solve problems in the cybersecurity realm

Please note that successful completion of this course is a required component of the CERT Applied Data Science for Cybersecurity Professional Certificate. To learn more about the Professional Certificate and discounted package pricing, please go to: SEI Certificates.

• Those with a particular interest in data science and cybersecurity, but limited experience with both concepts.

After successful completion of this course, you will:

• be able to understand the fundamentals of Network Flow architecture
• have an appreciation for flowmeters and records
• explain the differences between types of malicious attacks
• be able to understand network beacons
• identify network beacons with flow data
• connect network beacons to data science

In this course, students will learn about and investigate NetFlow techniques relied upon in the cybersecurity realm. These include:

• Bayes' Rule and Error Rate
• Common metrics in machine learning
• Common machine learning algorithms including:
  • K-Nearest Neighbor
  • Decision Tree
  • AdaBoost
  • Random Forest
  • XGBoost
• Network flow architecture
• Flowmeters and records
• Brute force attacks with network flow data
• DRDoS attacks with network flow data
• Network beacons with network flow data

These concepts will be exercised in labs involving density and maximum likelihood estimation, hypothesis testing with z-tests, linear regression, and logistic regression.

This course is presented in the form of video instruction presented by experts from the SEI CERT Division. Downloadable materials include course presentation slides, instructions for lab exercises, jupyter license, and instructions for using a jupyter notebook. Learners will also be able to access additional resources related to the subject matter.

Before registering for this course, participants must complete the Fundamentals of Statistics Applied to Cybersecurity course.

Learners should have some exposure to NetFlow in itself and a working knowledge of a programming language (preferably Python or R). A working knowledge of calculus and linear algebra is helpful.

To access the SEI Learning Portal, your computer must have the following:

• For optimum viewing, we recommend using the following browsers: Microsoft Edge, Mozilla Firefox, Google Chrome, Safari
• These browsers are supported on the following operating systems: Microsoft Windows 8 (or higher), OSX (Last two major releases), Most Linux Distributions
• Mobile Operating Systems: iOS 9, Android 6.0
• Microsoft Edge, Firefox, Chrome and Safari follow a continuous release policy that makes difficult to fix a minimum version. For this reason, following the market recommendation we will support the last 2 major version of each of these browsers. Please note that as of January 2018, we do not support Safari on Windows.