Module 6: Adversarial behavior and evasion
AINS6300 — AI in Threat Detection
Essential Question
How do attackers adapt to detectors?
Scenario
A security operations center tuning AI-assisted detections before analyst rollout
Stakeholders: SOC analyst, detection engineer, incident commander, and business system owner
Core Moves
Define the decision boundary
Compare baseline and alternative
Interpret evidence and assumptions
Identify failure modes
Recommend next action
Lab & Assignment
Run a tabletop evasion analysis.
Artifact: detection engineering packet with threat model, false-positive analysis, and triage workflow focused on adversarial behavior and evasion.