Week 6: Unsupervised Learning: Finding Hidden Patterns

Dates: Feb 16-20  ·  Reading: Handout 5: Unsupervised Learning and Clustering

Learning Objectives

• Explain unsupervised learning as pattern finding without labels
• Describe clustering and what a cluster means in security data
• Identify business and security uses of clustering
• Interpret simple cluster visualizations

Monday Session

Why and when you do not have labels. Clustering as a security tool: grouping similar network traffic, user behavior, or malware samples. k-means versus hierarchical clustering explained visually.

Wednesday Session

Deep dive: k-means, hierarchical clustering, and reading a dendrogram. Anomaly detection using isolation forests and local outlier factors. Real-world example: detecting unusual login patterns.

Lab

Lab 5: Clustering and Anomaly Detection. Use k-means and isolation forests to cluster network traffic and detect anomalies.

Quiz / This Week

Quiz 5. Unsupervised learning; clustering; anomaly detection; cluster interpretation.

---

← All lecture notes  ·  Detailed slides and notes are filled in with the lecture-builder skill.