CIS 340: AI for Cybersecurity
Smart Defense for the Digital Business
Course Logistics
Course Title: CIS 340: AI for Cybersecurity — Smart Defense for the Digital Business
Credit Hours: 3
Semester: Spring 2027 (16 weeks + final exam week)
Instructor
Ramadan Abdunabi, Ph.D.
Senior Clinical Professor, Computer Information Systems
College of Business
Office: 017 Rockwell Hall, 1277 Campus Delivery, Fort Collins, CO 80523
Phone: (970) 491-6227
Email: ramadan.abdunabi@colostate.edu
Office Hours: [To be confirmed — please specify]
Meeting Times & Location
Lecture: Monday and Wednesday, 10:00 am – 11:15 am
Location: Rockwell West (RWW) 118
Course Website
Canvas: [Your Canvas course shell link]
Course Description
Artificial intelligence is transforming how companies defend their data and how attackers break in. This hands-on course gives business students a practical, intuition-first introduction to both sides. Students start with cybersecurity fundamentals, build a friendly working understanding of machine learning (no heavy math, no prior coding experience needed), and then apply AI to real security problems: detecting spam and phishing, catching fraud, spotting unusual logins, and defending AI systems themselves against adversarial attacks and prompt injection.
Every week pairs interactive lectures with guided Python labs in Google Colab, plus Capture the Flag challenges and a tabletop incident exercise using free industry platforms. By the end, students can speak confidently about AI, security, governance, and trustworthy AI in any business setting, and they will have a portfolio of 12 completed hands-on labs to prove it.
Learning Objectives
After completing this course, students will be able to:
- Explain core cybersecurity concepts, common threats, and defensive strategies, including the human factor
- Describe the four major machine learning styles (supervised, unsupervised, semi-supervised, reinforcement) in plain language and match each to business and security use cases
- Build, run, and evaluate beginner-level ML models in Python using Google Colab, including spam classifiers, fraud detectors, and anomaly detectors
- Interpret model results for decision makers, including accuracy, false positives, and operational trade-offs
- Explain how attackers use AI and how AI systems themselves are attacked through adversarial examples, data poisoning, model evasion, model inversion, and prompt injection
- Apply basic prompt engineering and defensive prompting techniques to LLM-based tools
- Discuss AI ethics, bias and fairness, privacy in ML pipelines, security versus privacy trade-offs, and major AI governance frameworks
- Participate in beginner Capture the Flag exercises and cybersecurity tabletop exercises using free industry platforms
Topics Covered
- Cybersecurity fundamentals: CIA triad, threats, risks, and defenses
- The human factor in security (social engineering, phishing)
- Introduction to data, features, and labels
- Machine learning concepts and four major learning styles
- Supervised learning: classification and regression
- Building and evaluating ML models (accuracy, precision, recall, false positives)
- Unsupervised learning: clustering and anomaly detection
- Semi-supervised learning and reinforcement learning in security contexts
- Adversarial attacks on ML systems (adversarial examples, data poisoning, evasion, inversion)
- Prompt injection and LLM security
- Prompt engineering and defensive techniques
- AI ethics, bias, fairness, and privacy
- AI governance frameworks and responsible AI
- Hands-on labs: spam classifiers, fraud detectors, anomaly detectors
- Capture the Flag (CTF) challenges and incident response exercises
Textbooks and Readings
Required
- Tom Taulli, Artificial Intelligence Basics: A Non-Technical Introduction, Apress. A plain-language tour of AI and ML concepts written for business readers.
- Raef Meeuwisse, Cybersecurity for Beginners, Cyber Simplicity. A friendly, jargon-free introduction to security concepts and terminology.
Optional (for curious students)
- Ram Shankar Siva Kumar and Hyrum Anderson, Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems. A highly readable story-driven book on adversarial AI.
- Clarence Chio and David Freeman, Machine Learning and Security, O’Reilly. A deeper technical reference for students who want more.
- Google Machine Learning Crash Course (free online) — useful supplemental videos and visuals.
Required Tools and Platforms
All tools are free. Students need only a laptop and a Google account.
- Python — the course programming language, used at a gentle beginner level with all starter code provided
- Google Colab — primary lab environment, runs in the browser with nothing to install
- Jupyter Notebook — optional local alternative to Colab for students who prefer it
- Core Python libraries — pandas, scikit-learn, and matplotlib (pre-installed in Colab)
- Hacker101 — free beginner-friendly hacking lessons and CTF challenges (Week 11); https://www.hacker101.com/
- CTFd — free Capture the Flag platform used for the in-class mini CTF event (Week 15); https://ctfd.io/
- CISA Tabletop Exercise Packages — free, professionally designed incident scenarios (Week 14); https://www.cisa.gov/resources-tools/services/cisa-tabletop-exercise-packages
Workload and Assessment
Time Expectations
This is a 3-credit course meeting 2.5 hours per week in class (two 75-minute sessions). Students should expect approximately 4–5 hours of independent work per week (lab completion, readings, quiz preparation, and project work), for a total of 6.5–7.5 hours per week.
Grade Breakdown
| Component | Percentage |
|---|---|
| 12 Quizzes (Weeks 1–8, 10–13) | 25% |
| 12 Labs (Weeks 1–8, 10–13) | 35% |
| 4 Exams (Weeks 5, 9, 13, 17) | 40% |
| Total | 100% |
Assessment Types
Quizzes (12 total, 24% of grade)
Short conceptual and applied quizzes (Weeks 1–8, 10–13). No heavy math. Administered in class on Wednesdays. Each quiz is worth 2% of the final grade. Quizzes test understanding of the week’s lecture and lab work.
Labs (12 total, 36% of grade)
Hands-on, guided Python labs in Google Colab (Weeks 1–8, 10–13). Students work individually or in groups of 2. Each lab involves building and evaluating a beginner-level ML model or security application (e.g., spam classifier, fraud detector, anomaly detector). Labs are 3% of the final grade each. Starter code is provided; students modify and extend it. Labs are submitted via Canvas and graded on correctness, code quality, and interpretation of results.
Exams (4 total, 28% of grade)
Four non-cumulative exams (Weeks 5, 9, 13, 17). Each exam covers only the previous 4 weeks of material and is worth 7% of the final grade. Exams are administered during class time (one exam session per exam week; instruction continues in the other session). Exam 2 (Week 9, during Spring Break) is administered online asynchronously. Format: mix of short-answer, multiple choice, and brief applied scenarios (no heavy math, no coding required during the exam). Exams test conceptual understanding and ability to apply course ideas to business security scenarios.
Policies
Late Work Policy
Assignments are due at the date and time listed on the schedule. Late submissions are accepted up to 48 hours past the deadline with a 10% penalty per day. Work submitted more than 48 hours late receives no credit unless prior arrangements have been made. If you anticipate difficulty meeting a deadline, contact the instructor before it passes.
Regrade Request Policy
[To be confirmed by instructor — typical options: requests within 7 days of grade posting, limited scope (e.g., arithmetic errors only or full reassessment), documented reasoning required]
Attendance and Participation Expectations
Regular attendance is essential. Students are expected to attend all lectures and labs. Participation in class discussions, labs, and group activities counts toward engagement and is part of earning a strong grade. Quizzes are administered in class on Wednesdays; missing a quiz without prior notice or excuse results in a zero unless a makeup is arranged with the instructor before the absence. Labs must be submitted by the deadline; late labs are subject to the late work policy above.
If you must miss class due to illness, emergency, or university-excused absence, notify the instructor as soon as possible and arrange a makeup time for quizzes and labs.
Exam Format and Makeup Policy
Exams are non-cumulative and cover only the previous 4 weeks of material. Three exams (Weeks 5, 13, 17) are administered in class; Exam 2 (Week 9, during Spring Break) is administered online asynchronously via Canvas.
Exam Format:
- Mix of short-answer, multiple-choice, and brief applied scenario questions
- No heavy mathematics or coding required
- Covers conceptual understanding and ability to apply ideas to real security problems
- Open-notes (lecture notes and textbook references are permitted; online collaboration, external AI assistance, and sharing answers with others are not)
Makeup Exams:
Students who miss an exam due to a documented illness, emergency, or university-excused absence may request a makeup. Contact the instructor within 24 hours of the scheduled exam time. Makeups are typically administered within one week of the original date at a time agreed upon by the instructor and student.
Academic Integrity
All work submitted in this course must be your own. Collaboration is encouraged where explicitly permitted, but presenting another person’s work, ideas, or code as your own — including unauthorized collaboration, copying, or reuse of solutions — is a violation of academic integrity. Suspected violations are handled under the university’s academic integrity policy and may result in a failing grade on the assignment or in the course.
Generative-AI Use Policy
Generative-AI tools (such as ChatGPT, Claude, or Copilot) may be used only as explicitly permitted for a given assignment. When permitted, you must disclose which tool you used and how, and you remain fully responsible for the correctness and originality of everything you submit. Using these tools where they are prohibited, or submitting their output as your own unaided work, is a violation of academic integrity.
AI use in this course:
- Labs and quizzes: AI tools are not permitted. Your code and answers must be your own work.
- Readings and research: AI tools may be used to summarize or explore topics, but you must still engage critically with assigned readings and cite any AI-assisted research.
- Group work: When groups are permitted, each member is responsible for contributing their own thinking; copying code or answers from an AI tool and presenting it as group work is prohibited.
If you are unsure whether AI use is allowed for a specific assignment, ask the instructor before you begin.
Code Submission Standards
All code submitted for labs and projects must follow these standards:
- Language and environment: Python, written in Google Colab or Jupyter Notebook
- Starter code: All labs provide starter code. Modify and extend it; do not rewrite it from scratch unless instructed.
- Comments: Include brief comments explaining key steps, especially where you add custom logic
- Variable naming: Use descriptive names (e.g., spam_classifier instead of x)
- Readability: Keep cells organized, run all cells before submission, and ensure output is visible
- Submission format: Submit the completed notebook (.ipynb file) via Canvas before the deadline
- Testing: Run your code end-to-end before submitting to ensure it executes without errors
Professionalism and Conduct Expectations
Treat all classmates, the instructor, and teaching staff with respect. This course covers sensitive topics (cybersecurity attacks, AI risks, ethical dilemmas). Class discussions are open and encouraged, but remain professional and inclusive. Offensive language, harassment, or exclusionary behavior is not tolerated.
In lab and group work, share responsibilities fairly. If you work in a group, all members are expected to contribute and understand the work being submitted.
Communication Norms
Email response time: The instructor will respond to emails within 2 business days.
Preferred contact method: Email (ramadan.abdunabi@colostate.edu) for course questions, assignment clarifications, and scheduling. Use Canvas messages for quick logistical updates.
Office hours: [To be scheduled — instructor to confirm available times]
Canvas announcements: Check Canvas regularly for course updates, assignment releases, and important deadlines.
University-Required Statements
Disability Support Services (DSS)
Colorado State University is committed to providing an inclusive and accessible learning environment. If you have a documented disability (physical, sensory, learning, or cognitive) that impacts your participation in this course, please contact the Disability Support Services office:
Disability Support Services
Phone: (970) 491-6385
Email: dss@colostate.edu
Website: https://disabilitycenter.colostate.edu/
Once you have documentation, notify the instructor as early as possible so that appropriate accommodations can be arranged (e.g., extra time on exams, alternate formats for readings, quiet workspace for labs).
Religious Holiday Accommodations
Colorado State University respects the rights of students to observe religious holidays. If a course requirement or deadline conflicts with your religious observance, contact the instructor at least two weeks in advance to arrange an alternative date or time. Please visit the Office of Inclusion, Diversity and Belonging for guidance: https://www.colostate.edu/diversity/
Counseling and Psychological Services (CAPS)
CSU is committed to your mental health and well-being. If you are experiencing stress, anxiety, depression, or other mental health concerns, support is available:
Counseling and Psychological Services
Phone: (970) 491-6053
Website: https://www.colostate.edu/student-services/counseling/
Services are free and confidential. Counselors can support you with academic stress, personal crises, and long-term well-being.
Nondiscrimination and Harassment-Free Environment
Colorado State University does not discriminate on the basis of race, color, national origin, sex, age, disability, political affiliation, or sexual orientation in its policies, procedures, or programs. Harassment based on any protected status is not tolerated. If you experience or witness discrimination or harassment, report it to:
Office of Inclusion, Diversity and Belonging
Phone: (970) 491-5252
Email: diversity@colostate.edu
Website: https://www.colostate.edu/diversity/
All reports are taken seriously and handled with appropriate confidentiality.
Classroom Recording and Electronic Course Materials Policy
This course may use recordings of lectures, labs, and discussions to support student learning and provide accessible materials. By enrolling in this course, you agree that recordings may be made and used for the purposes listed above. Recordings are the property of Colorado State University and may not be shared, distributed, or used outside this course without permission.
Students may request not to appear on camera during synchronous sessions by notifying the instructor in advance. The instructor will record lectures (video and/or audio) and make them available on Canvas; personal devices or platforms may not be used to record class without express written permission.
Schedule
| Week | Session | Topic | Reading | Assignments / Due |
|---|---|---|---|---|
| 1 | Mon | Welcome to Cybersecurity | PDF Handout 1: Cybersecurity Fundamentals | Lab 1 released |
| 1 | Wed | CIA Triad, Threats, and the Human Factor | PDF Handout 1: Cybersecurity Fundamentals | Quiz 1 in class |
| 2 | Mon | Data, the Fuel of AI | PDF Handout 2: Introduction to Data and AI | Lab 1 due; Lab 2 released |
| 2 | Wed | AI, ML, and Security Data Sources | PDF Handout 2: Introduction to Data and AI | Quiz 2 in class |
| 3 | Mon | Supervised Learning: Teaching with Labels | PDF Handout 3: Supervised Learning Basics | Lab 2 due; Lab 3 released |
| 3 | Wed | Decision Trees, k-NN, and Classification | PDF Handout 3: Supervised Learning Basics | Quiz 3 in class |
| 4 | Mon | Regression and Model Evaluation | PDF Handout 4: Regression and Model Metrics | Lab 3 due; Lab 4 released |
| 4 | Wed | Confusion Matrix, False Positives, and Trade-Offs | PDF Handout 4: Regression and Model Metrics | Quiz 4 in class |
| 5 | Mon | Exam 1 Review and Preview | PDF Handout 4: Regression and Model Metrics | Lab 4 due |
| 5 | Wed | Exam 1 (in-class, covers Weeks 1–4) | — | Exam 1 due in class |
| 6 | Mon | Unsupervised Learning: Finding Hidden Patterns | PDF Handout 5: Unsupervised Learning and Clustering | Lab 5 released |
| 6 | Wed | Clustering and Anomaly Detection | PDF Handout 5: Unsupervised Learning and Clustering | Quiz 5 in class |
| 7 | Mon | Semi-Supervised Learning and Reinforcement Learning | PDF Handout 6: Semi-Supervised and Reinforcement Learning | Lab 5 due; Lab 6 released |
| 7 | Wed | Semi-Supervised and Reinforcement Learning in Security | PDF Handout 6: Semi-Supervised and Reinforcement Learning | Quiz 6 in class |
| 8 | Mon | Threats from the Inside: How Attackers Use AI | PDF Handout 7: AI-Powered Attacks | Lab 6 due; Lab 7 released |
| 8 | Wed | Malware, Deepfakes, and AI-Driven Reconnaissance | PDF Handout 7: AI-Powered Attacks | Quiz 7 in class |
| 9 | Mon | Spring Break — No class | — | Lab 7 due |
| 9 | Wed | Exam 2 (online, asynchronous, covers Weeks 5–8) | — | Exam 2 due by end of week |
| 10 | Mon | Adversarial Examples and Data Poisoning | PDF Handout 8: Adversarial Attacks on ML Systems | Lab 8 released |
| 10 | Wed | Model Inversion, Privacy Attacks, and Defenses | PDF Handout 8: Adversarial Attacks on ML Systems | Quiz 8 in class |
| 11 | Mon | Prompt Injection and LLM Security | PDF Handout 9: LLM Security and Prompt Injection | Lab 8 due; Lab 9 (CTF Challenge) released |
| 11 | Wed | Defensive Prompting and LLM Hardening | PDF Handout 9: LLM Security and Prompt Injection | Lab 9 (CTF Challenge) due |
| 12 | Mon | AI Ethics, Bias, Fairness, and Governance | PDF Handout 10: AI Ethics, Bias, and Fairness | Lab 10 released |
| 12 | Wed | Fairness Definitions, Regulatory Landscapes, and Responsible AI | PDF Handout 10: AI Ethics, Bias, and Fairness | Quiz 9 in class |
| 13 | Mon | Privacy in ML Pipelines and Security vs. Privacy Trade-Offs | PDF Handout 11: Privacy-Preserving ML and Trade-Offs | Lab 10 due; Lab 11 released |
| 13 | Wed | Exam 3 (in-class, covers Weeks 10–13) | — | Exam 3 due in class; Quiz 10 in class |
| 14 | Mon | Trustworthy AI and Responsible AI in Practice | PDF Handout 12: Trustworthy AI and Responsible AI | Lab 11 due; Lab 12 (Tabletop Incident Response) released |
| 14 | Wed | Tabletop Incident Response Exercise and Debrief | PDF Handout 12: Trustworthy AI and Responsible AI | Quiz 11 in class |
| 15 | Mon | Advanced Topics and Emerging Threats | PDF Handout 13: Advanced Topics and Future Threats | Lab 12 (Tabletop Incident Response) due |
| 15 | Wed | Course Wrap-Up and Review (Weeks 10–15 material) | PDF Handout 13: Advanced Topics and Future Threats | Quiz 12 in class |
| 16 | Mon | Final Q&A and Exam Preparation | — | — |
| 16 | Wed | Final Q&A and Exam Preparation (continued) | — | — |
| 17 | — | Exam 4 (final exam week, covers Weeks 10–16) | — | Exam 4 due (date/time per university final exam schedule) |
Weekly Learning Objectives and Session Descriptions
Week 1: Welcome to Cybersecurity
Learning Objectives
- Explain why cybersecurity matters to modern businesses
- Define confidentiality, integrity, and availability (the CIA triad)
- Identify common threats, vulnerabilities, and attack types
- Describe the role of human behavior in security incidents
Monday Session
Course overview and expectations. Why the combination of AI and cybersecurity is one of the most valuable skill sets in business. Core security concepts: assets, threats, vulnerabilities, risk, and the CIA triad. Real headlines: famous breaches and what they cost.
Wednesday Session
Attack landscape tour: phishing, malware, ransomware, denial of service, and insider threats. Defensive strategies at a glance: prevention, detection, and response. The human factor: social engineering and why people are the most targeted layer.
Lab 1: Hello, Colab
Guided first steps in Google Colab: run Python cells, load a small dataset of breached passwords, and use simple commands to find the most common weak passwords. No prior coding required; every step is provided.
Quiz 1
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Security basics (CIA triad, threat types, and the human factor).
Week 2: Data, the Fuel of AI
Learning Objectives
- Define artificial intelligence and machine learning in plain language
- Distinguish AI, ML, and traditional rule-based software
- Identify common sources of security data (logs, emails, network traffic)
- Read a dataset in terms of rows, features, and labels
Monday Session
What AI actually is, minus the hype. Rules versus learning from data. Everyday AI in business: recommendations, fraud alerts, spam filters. Where security data comes from: system logs, email, network traffic, and user activity.
Wednesday Session
Anatomy of a dataset: rows, columns, features, and labels. Data quality and why “garbage in, garbage out” matters for security tools. Visualizing data to spot patterns. Demo: exploring a real phishing email dataset together.
Lab 2: Exploring Security Data
Use pandas in Colab to open a phishing email dataset, count phishing versus legitimate messages, and create simple charts of suspicious words and link counts. Students answer guided questions about what they observe.
Quiz 2
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: AI versus ML versus rules; features and labels; security data sources.
Week 3: Supervised Learning: Teaching with Labels
Learning Objectives
- Explain supervised learning as learning from labeled examples
- Describe the difference between training data and testing data
- Walk through how a classifier decides between classes
- Connect classification to spam and phishing detection
Monday Session
Supervised learning intuition: showing a model thousands of labeled examples so it can label new ones. Classification explained with the spam filter story. Training versus testing and why we never grade a model on questions it has already seen.
Wednesday Session
A visual tour of two beginner-friendly classifiers: decision trees (a flowchart learned from data) and k-nearest neighbors (you are what your neighbors are). Live demo: training a spam classifier step by step in Colab.
Lab 3: Build Your First Spam Classifier
Train a decision tree in Colab to classify emails as spam or legitimate. Students split data into training and test sets, train the model, test it on new emails, and write their own example email to fool or pass the filter.
Quiz 3
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Supervised learning; labels; train/test split; classification intuition.
Week 4: Did the Model Get It Right? Regression and Evaluation
Learning Objectives
- Explain regression as predicting a number instead of a category
- Read a confusion matrix without fear
- Define false positives and false negatives in a security context
- Argue why accuracy alone can be misleading
Monday Session
Regression intuition: predicting risk scores, expected losses, or time to patch. Classification versus regression with business examples. Demo: a simple model that scores how risky a login attempt looks.
Wednesday Session
Model evaluation for decision makers: accuracy, the confusion matrix, false positives versus false negatives. The analyst fatigue problem: what happens when a tool cries wolf. Trade-offs every security manager must understand. Exam 1 review.
Lab 4: Judging a Phishing URL Detector
Evaluate a pre-trained phishing URL detector in Colab. Students compute accuracy, build a confusion matrix, count false alarms versus missed attacks, and adjust the alert threshold to see the trade-off change in real time.
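The kind of calculation Lab 4 asks for, shown here as an added example that is not part of the course's lab materials: a confusion matrix computed from a detector's risk scores, swept across alert thresholds, next to a "never alert" baseline. The scores and labels are constructed (no real model is involved) and the class is deliberately imbalanced, which is what makes accuracy alone misleading: the baseline that flags nothing scores the same accuracy as the 0.5 threshold while catching zero attacks.

```python
# Added example (not part of the course's lab materials): scoring a phishing URL
# detector from its risk scores with the Python standard library only.
# The scores and labels below are constructed for illustration, not real model output.

from dataclasses import dataclass

# Constructed detector output: (risk score in [0, 1], true label), 1 = phishing.
# Deliberately imbalanced, like real traffic: 17 legitimate URLs, 5 phishing URLs.
SAMPLE = [
    (0.02, 0), (0.05, 0), (0.08, 0), (0.11, 0), (0.15, 0), (0.19, 0), (0.22, 0),
    (0.27, 0), (0.31, 0), (0.35, 0), (0.38, 0), (0.42, 0), (0.47, 0), (0.52, 0),
    (0.58, 0), (0.63, 0), (0.71, 0),
    (0.44, 1), (0.66, 1), (0.79, 1), (0.88, 1), (0.95, 1),
]


@dataclass(frozen=True)
class Confusion:
    """The four cells of a confusion matrix for one alert threshold."""
    tp: int  # phishing URLs correctly flagged
    fp: int  # false alarms: legitimate URLs flagged
    fn: int  # missed attacks: phishing URLs not flagged
    tn: int  # legitimate URLs correctly left alone

    @property
    def accuracy(self) -> float:
        return (self.tp + self.tn) / (self.tp + self.fp + self.fn + self.tn)

    @property
    def precision(self) -> float:
        # Of everything flagged, how much was really phishing?
        return self.tp / (self.tp + self.fp) if self.tp + self.fp else 0.0

    @property
    def recall(self) -> float:
        # Of all phishing URLs, how many did we catch?
        return self.tp / (self.tp + self.fn) if self.tp + self.fn else 0.0

    @property
    def false_alarm_rate(self) -> float:
        # Of all legitimate URLs, how many did we wrongly flag?
        return self.fp / (self.fp + self.tn) if self.fp + self.tn else 0.0


def confusion(scored, threshold: float) -> Confusion:
    """Flag every URL whose score is >= threshold and tally the four outcomes."""
    tp = fp = fn = tn = 0
    for score, label in scored:
        flagged = score >= threshold
        if flagged and label == 1:
            tp += 1
        elif flagged:
            fp += 1
        elif label == 1:
            fn += 1
        else:
            tn += 1
    return Confusion(tp, fp, fn, tn)


def sweep(scored, thresholds):
    """Confusion matrix at each threshold, so the trade-off can be read row by row."""
    return {t: confusion(scored, t) for t in thresholds}


def never_alert(scored) -> Confusion:
    """Baseline 'detector' that flags nothing (threshold above every possible score)."""
    return confusion(scored, 1.01)


if __name__ == "__main__":
    print(f"{'threshold':>9} {'alarms':>6} {'missed':>6} {'acc':>6} {'prec':>6} {'recall':>6}")
    for t, c in sweep(SAMPLE, (0.3, 0.5, 0.7, 0.9)).items():
        print(f"{t:>9.2f} {c.fp:>6} {c.fn:>6} {c.accuracy:>6.2f} {c.precision:>6.2f} {c.recall:>6.2f}")
    base = never_alert(SAMPLE)
    print(f"never alert: accuracy {base.accuracy:.2f}, recall {base.recall:.2f}")
```

Reading the sweep top to bottom shows the analyst-fatigue trade-off from the Wednesday session in numbers: lowering the threshold catches every phishing URL but raises nine false alarms on seventeen legitimate URLs, while raising it to 0.9 silences the false alarms and misses four of five attacks.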
Quiz 4
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Regression versus classification; confusion matrix; false positive trade-offs.
Week 5: Unsupervised Learning and Exam 1
Learning Objectives
- Explain unsupervised learning as pattern finding without labels
- Describe clustering and what a cluster means in security data
- Identify business and security uses of clustering
- Interpret simple cluster visualizations
Monday Session
Exam 1 review (covers Weeks 1–4). First 60 minutes: exam administration. Remaining time: short preview of unsupervised learning.
Wednesday Session
Exam 1 (written, in-class, non-cumulative, covers Weeks 1–4).
Week 6: Unsupervised Learning: Finding Hidden Patterns
Learning Objectives
- Explain unsupervised learning as pattern finding without labels
- Describe clustering and what a cluster means in security data
- Identify business and security uses of clustering
- Interpret simple cluster visualizations
Monday Session
Unsupervised learning: why and when you don’t have labels. Clustering as a security tool: grouping similar network traffic, user behavior, or malware samples. The difference between k-means and hierarchical clustering explained visually.
Wednesday Session
Deep dive: k-means clustering, hierarchical clustering, and how to read a dendrogram. Anomaly detection (outlier detection) using isolation forests and local outlier factors. Real-world example: detecting unusual login patterns.
Lab 5: Clustering and Anomaly Detection
Use k-means and isolation forests in Colab to cluster network traffic patterns and detect anomalies. Students interpret cluster visualizations and identify suspicious activity.
Quiz 5
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Unsupervised learning; clustering; anomaly detection; cluster interpretation.
Week 7: Semi-Supervised and Reinforcement Learning
Learning Objectives
- Explain semi-supervised learning as learning from a mix of labeled and unlabeled data
- Describe reinforcement learning as learning from rewards and penalties
- Identify security use cases for semi-supervised and reinforcement learning
- Relate RL to defender-attacker game theory
Monday Session
Semi-supervised learning: when you have a few labeled examples and lots of unlabeled data. Reinforcement learning intuition: learning from rewards and penalties. Security games and how RL applies to defender-attacker scenarios.
Wednesday Session
Semi-supervised concepts applied to malware classification and intrusion detection. Reinforcement learning in security: game theory, defender-attacker interactions, and automated response strategies.
Lab 6: Semi-Supervised Classification
Use a semi-supervised approach to classify malware in Colab with limited labeled data. Students see how unlabeled data can improve a model when labeled data is scarce.
Quiz 6
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Semi-supervised learning; reinforcement learning; learning paradigms; game theory in security.
Week 8: Threats from the Inside: How Attackers Use AI
Learning Objectives
- Explain how attackers use machine learning and AI
- Describe AI-powered malware, credential stuffing, and deepfakes
- Understand AI-driven reconnaissance and vulnerability discovery
- Relate attacker AI to defensive strategy
Monday Session
AI-powered malware: malware that learns and adapts. Credential stuffing and password-guessing attacks at scale. Deepfakes and synthetic media as attack vectors. AI-driven reconnaissance: automated scanning and vulnerability discovery.
Wednesday Session
Deep dive into each attacker use case: how machine learning enables modern attack campaigns. Case studies: real breaches powered by AI. Why understanding attacker AI is critical for defensive strategy.
Lab 7: Adversarial Email Generation
Students use simple ML techniques to generate plausible but synthetic phishing emails (in a controlled lab environment) to understand how attackers craft convincing campaigns. No actual phishing; purely educational.
Quiz 7
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Attacker use of AI; malware, deepfakes, reconnaissance; AI-driven attacks.
Week 9: Spring Break and Exam 2
Monday Session
Spring Break — no class.
Wednesday Session
Exam 2 (written, online asynchronous, non-cumulative, covers Weeks 5–8). Students complete during this week via Canvas.
Week 10: How AI Systems Are Attacked
Learning Objectives
- Explain adversarial examples and how they fool ML models
- Describe data poisoning and its impact on model training
- Define model evasion, model inversion, and privacy attacks
- Identify defenses against each attack type
Monday Session
How AI systems are attacked. Adversarial examples: small, crafted perturbations that fool models (e.g., images that look normal to humans but fool a classifier). Data poisoning: attacking the training data itself. Model evasion: attackers manipulating inputs at test time.
Wednesday Session
Model inversion: extracting sensitive training data from a model’s predictions. Privacy attacks on machine learning. Introduction to defenses: robustness, detection, and certified defenses.
Lab 8: Adversarial Example Explorer
Explore adversarial examples in Colab: generate small perturbations that cause a pre-trained image classifier to misclassify. Students visualize and understand why models are vulnerable to tiny, human-imperceptible changes.
Quiz 8
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Adversarial examples; data poisoning; model evasion; privacy attacks; defenses.
Week 11: Prompt Injection and LLM Security
Learning Objectives
- Explain how large language models (LLMs) work and their role in business
- Describe prompt injection attacks and real-world examples
- Identify defensive prompting techniques and guardrails
- Understand LLM security best practices
Monday Session
Large language models (LLMs) and their role in business and security. Prompt injection attacks: manipulating LLM behavior through malicious inputs. Real examples: jailbreaks, prompt leakage, and indirect injection via documents.
Wednesday Session
Defensive prompting techniques: system prompts, guardrails, and output validation. LLM security best practices. In-class participation activity: Capture the Flag (CTF) mini-event using Hacker101 or CTFd (ungraded, for learning and engagement).
Lab 9: CTF Challenge
Students participate in a beginner-friendly Capture the Flag challenge using Hacker101 (https://www.hacker101.com/) or the course CTFd instance to practice identifying and exploiting basic security vulnerabilities in a controlled, educational environment. No actual attacks on external systems; purely for learning offensive and defensive security concepts.
Week 12: AI Ethics, Bias, Fairness, and Governance
Learning Objectives
- Define fairness in machine learning and understand different fairness definitions
- Identify sources of bias in training data, model design, and deployment
- Explain major AI governance frameworks (GDPR, AI Act, U.S. Executive Orders)
- Discuss transparency and explainability in AI systems
Monday Session
What is fairness in machine learning? Bias in training data, model design, and deployment. Legal and ethical frameworks: GDPR, AI Act, U.S. Executive Orders. Transparency and explainability in AI systems.
Wednesday Session
Deep dive: different fairness definitions and trade-offs. Regulatory requirements: GDPR, AI Act, sector-specific rules. How organizations build responsible AI: governance boards, audits, and documentation.
Lab 10: Bias Detection in Models
Students analyze a pre-trained model for bias across demographic groups using Colab. They compute fairness metrics, visualize disparities, and discuss mitigation strategies.
Quiz 9
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Fairness definitions; bias sources; governance frameworks; regulatory requirements.
Week 13: Privacy and Trade-Offs, plus Exam 3
Learning Objectives
- Explain privacy-preserving machine learning techniques
- Discuss the tension between security and privacy
- Understand real-world privacy dilemmas in security operations
- Apply ethical reasoning to ML deployment decisions
Monday Session
Privacy-preserving machine learning: differential privacy, federated learning, and encrypted computation. Security versus privacy: why stronger encryption can make detection harder. Real-world dilemmas in security operations.
Wednesday Session
Exam 3 (written, in-class, non-cumulative, covers Weeks 10–13). Quiz 10 is administered during the same class period.
Lab 11: Differential Privacy
Students implement a simple differential privacy mechanism in Colab to add noise to a dataset before model training. They see how privacy protection and model accuracy trade off.
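As an added example of the mechanism this lab builds (example code, not the course's own lab notebook): the Laplace mechanism applied to a counting query, with a small experiment showing how the privacy budget epsilon trades off against accuracy. It uses a counting query rather than full model training so the trade-off is visible in a few lines; the dataset is constructed.

```python
# Added example (not the course's own lab code): the Laplace mechanism for a
# counting query and the privacy/accuracy trade-off as epsilon changes.
import random

# Constructed dataset: one entry per user, 1 = "login was flagged as unusual".
FLAGGED = [1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0]


def laplace_scale(sensitivity: float, epsilon: float) -> float:
    """Noise scale b = sensitivity / epsilon; smaller epsilon means more noise."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    return sensitivity / epsilon


def sample_laplace(scale: float, rng: random.Random) -> float:
    """Laplace(0, scale) draw: the difference of two Exp(1) draws is Laplace(0, 1)."""
    return scale * (rng.expovariate(1.0) - rng.expovariate(1.0))


def private_count(data, epsilon: float, rng: random.Random) -> float:
    """epsilon-DP count. Adding or removing one user changes the count by at most 1,
    so the query's sensitivity is 1."""
    return sum(data) + sample_laplace(laplace_scale(1.0, epsilon), rng)


def mean_abs_error(data, epsilon: float, trials: int = 2000, seed: int = 0) -> float:
    """Average |noisy count - true count| over many releases; expected value is b."""
    rng = random.Random(seed)
    true_count = sum(data)
    return sum(abs(private_count(data, epsilon, rng) - true_count)
               for _ in range(trials)) / trials


if __name__ == "__main__":
    print(f"true count: {sum(FLAGGED)}")
    for eps in (0.1, 1.0, 10.0):
        print(f"epsilon={eps:5.1f}  noise scale={laplace_scale(1.0, eps):6.2f}  "
              f"mean abs error={mean_abs_error(FLAGGED, eps):6.2f}")
```

Lowering epsilon strengthens the privacy guarantee but widens the error, which is the same trade-off the lab surfaces when noise is added before model training.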
Quiz 10
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Privacy-preserving ML; differential privacy; federated learning; security vs. privacy trade-offs.
Week 14: Trustworthy AI and Responsible AI in Practice
Learning Objectives
- Explain trustworthy AI frameworks: transparency, explainability, robustness, and accountability
- Describe how organizations build and deploy responsible AI
- Apply incident response and ethical reasoning to AI system failures
- Connect governance, transparency, and business decision-making
Monday Session
Trustworthy AI frameworks: transparency, explainability, robustness, and accountability. How to build AI systems that business leaders and regulators can trust. Real case studies: organizations implementing responsible AI.
Wednesday Session
In-class participation activity: tabletop incident response exercise using CISA Tabletop Exercise Packages (https://www.cisa.gov/resources-tools/services/cisa-tabletop-exercise-packages) (ungraded, for learning and engagement). Debrief: how AI and human judgment work together in crisis response.
Lab 12: Tabletop Incident Response Exercise
Students participate in a guided incident response tabletop exercise using CISA’s free professionally designed scenarios. Teams work through a simulated cyber incident involving AI or ML systems, make decisions under pressure, and debrief on outcomes. This hands-on exercise builds practical incident response skills and demonstrates how governance, communication, and technical understanding intersect during a crisis.
Week 15: Advanced Topics and Course Wrap-Up
Learning Objectives
- Describe advanced ML techniques and their security applications
- Identify emerging AI and cybersecurity threats
- Synthesize course concepts into an integrated security and AI strategy
- Prepare for real-world roles involving AI and cybersecurity
Monday Session
Advanced topics: federated learning, transfer learning, and few-shot learning in security contexts. Emerging threats: AI-generated malware, adversarial poisoning at scale, and new attack vectors. Future of AI and cybersecurity.
Wednesday Session
Synthesis: how all course concepts connect. Review of key ideas: ML basics, adversarial attacks, LLM security, ethics, governance, and responsible AI. Q&A and exam preparation.
Lab 12 (Due This Week)
Lab 12 (Model Explainability) due at the start of this week.
Quiz 12
Short online quiz (10–12 conceptual and applied questions, no heavy math). Focus: Advanced ML techniques; emerging threats; synthesis of all course concepts; AI and cybersecurity strategy.
Week 16: Final Q&A and Exam Preparation
Learning Objectives
- Review and clarify all course material (Weeks 10–16)
- Address common misconceptions
- Prepare confidently for Exam 4
Monday Session
Open office hours for final questions. Discussion of common misconceptions. Last-minute clarifications on Weeks 10–16 material.
Wednesday Session
Continued Q&A and review. Mock questions and study strategies.
Week 17: Final Exam
Exam 4 (written, non-cumulative, covers Weeks 10–16)
Administered during the university’s final exam week at a date and time specified by the registrar. Mix of short-answer, multiple-choice, and brief applied scenario questions. No heavy math or coding required. Open notes.
Letter Grade Scale
| Grade | Range |
|---|---|
| A | 90–100% |
| B | 80–89% |
| C | 70–79% |
| D | 60–69% |
| F | Below 60% |
Notes for the Instructor
- Office hours: Please confirm your available office hours and add them to the “Instructor” section above.
- Regrade request policy: Confirm your preferred window for regrade requests (e.g., within 7 days of grade posting) and scope (e.g., arithmetic errors only, or full reassessment). This can be added to the “Regrade Request Policy” section.
- Canvas shell: Add the course Canvas shell URL/link to the “Course Website” section once the course is live.
- Readings: The “Reading” column in the schedule is currently marked “TBD.” Specify which chapter(s) or sections from the required and optional textbooks (or other sources) students should read each week, and these will be filled in throughout the schedule.
- Lecture hints/descriptions: If you would like to add brief descriptions (1–3 sentences each) of the key points or examples to cover in each week’s lectures, let me know and I can add a “Lecture Hints” section after the schedule.