Course Description
This course covers a variety of mathematical and computational techniques for modeling and analyzing security problems; fundamentals of mathematical approaches for analyzing risk, decision-making under uncertainty, adversarial reasoning, and extracting patterns from data for modeling and analysis; and methods to analyze security problems in rigorous ways. The course includes case studies and examples related to security to illustrate techniques and contemporary issues in cyber security.

Prerequisites
This course is intended for advanced undergraduates and graduate students. You should have significant programming experience (e.g., completion of CS 3331), as well as familiarity with basic probability and statistics (preferably through taking the required course).

Textbook and Readings
There is no primary textbook for the course. Readings will be assigned throughout the semester from various textbooks and research papers.

Course Outcomes

Upon completion of the course, students will be able to:
1. Apply formal definitions and methods for modeling risk, uncertainty, and decision making in the context of network security.
2. Explain basic concepts of decision theory, game theory, and risk analysis including utility theory, Bayesian and interval methods, Nash equilibrium, and minimax.
3. Implement basic models and solution algorithms for analyzing security problems.
4. Apply decision theoretic models (e.g., attack trees) for network security (e.g., penetration testing), and resource allocation (e.g., traffic filtering).
5. Apply game theory and adversarial reasoning to security problems, including malware detection and response, intrusion detection, and resource allocation.
6. Explain the principles of machine learning and common methods and tools for supervised learning and anomaly detection.
7. Apply machine learning paradigms and techniques for analysis within security applications, such as spam filtering and intrusion detection.
8. Analyze real-world examples of security problems by applying formal, quantitative models, while understanding the limitations of these models.

Grading
Grades for this course will be determined by a midterm exam, a final exam, homework assignments, paper presentations, and a final project. The approximate weightings of each component are:

• 20% Final Project
• 30% Homework assignments
• 25% Final Exam
• 15% Midterm exam
• 10% Paper presentations

Graduate Student Requirements
Students taking the course at the graduate level will be required to complete additional questions on homeworks and exams that demonstrate a deeper level of understanding of the concepts, and will have higher expectations for the final project and presentations.

Exams
There will be one midterm exam in addition to a cumulative final exam. If you have a serious scheduling conflict you must see the instructor to make arrangements as soon as possible.

Homework Assignments and Late Policy
Homework assignments will be a combination of written exercises and programming assignments. Reading and homework assignments will be announced in class. If you miss a class it is your responsibility to find out what you missed. Late assignments will be penalized at a rate of 10% per day, up to a maximum of 3 days. Assignments that are more than 3 days late will receive a grade of 0.

Final Project
Students will be required to complete a final project related to the content of the class. More details will be provided during the course.

Conduct and Academic Dishonesty
You are expected to conduct yourself in a professional and courteous manner, as prescribed by the UTEP Standards of Conduct. Graded work, e.g., homework and tests, is to be completed independently and should be unmistakably your own work (or, in the case of group work, your team's work), although you may discuss your project with other students in a general way. You may not represent as your own work material that is transcribed or copied from another person, book, or any other source, e.g., a web page.

Academic dishonesty includes but is not limited to cheating, plagiarism and collusion.

• Cheating may involve copying from or providing information to another student, possessing unauthorized materials during a test, or falsifying data (for example program outputs) in laboratory reports.
• Plagiarism occurs when someone represents the work or ideas of another person as his/her own.
• Collusion involves collaborating with another person to commit an academically dishonest act.

Disabilities
If you have a disability and need classroom accommodations, please contact The Center for Accommodations and Support Services (CASS) at 747-5148, or by email to cass@utep.edu, or visit their office located in UTEP Union East, Room 106. For additional information, please visit the CASS website at www.sa.utep.edu/cass.

Tentative Course Schedule

• Week 1: Course overview, probability theory
• Week 2: Probability theory
• Week 3: Utility/decision theory
• Week 4: Decision theory/risk analysis
• Week 5: Security decisions/risk analysis
• Week 6: Basic game theory
• Week 7: Basic game theory
• Week 8: Review, MIDTERM
• Week 9: Advanced game theory
• Week 10: Advanced game theory, security games
• Week 11: Security games
• Week 12: Machine learning/intrusion detection
• Week 13: Machine learning/intrusion detection
• Week 14: Student presentations
• Week 15: Student presentations
• 12/14: FINAL EXAM