Syllabus: AINS6300 AI in Threat Detection
Catalog Description
Applies AI to telemetry, anomaly detection, threat intelligence, detection engineering, and SOC integration.
Course Structure
Each week includes readings, a lecture/slide sequence, an executable lab, and an applied deliverable. Students maintain a reproducible project record and submit work through the LMS or GitHub workflow selected by the instructor.
Weekly Schedule
| Week | Topic | Essential Question | Deliverable |
|---|---|---|---|
| 1 | Security telemetry and threat models | What signals reveal malicious behavior? | Lab notebook + assignment brief |
| 2 | Anomaly detection foundations | How can models detect unknown patterns? | Lab notebook + assignment brief |
| 3 | Malware and network behavior analysis | What features distinguish hostile activity? | Lab notebook + assignment brief |
| 4 | Threat intelligence and enrichment | How does external intelligence improve detection? | Lab notebook + assignment brief |
| 5 | Detection engineering and evaluation | How do we measure detection quality? | Lab notebook + assignment brief |
| 6 | Adversarial behavior and evasion | How do attackers adapt to detectors? | Lab notebook + assignment brief |
| 7 | Security operations integration | How do detections become action? | Lab notebook + assignment brief |
| 8 | Threat detection portfolio | What evidence supports deployment? | Lab notebook + assignment brief |
Assessment
| Component | Weight |
|---|---|
| Weekly labs and notebooks | 30% |
| Applied assignments | 35% |
| Participation and technical critique | 15% |
| Final synthesis portfolio | 20% |
Graduate Expectations
Submissions must show technical reasoning, evidence awareness, clear limitations, and responsible use of AI assistance. Code and analysis should be reproducible enough for instructor review.