None

The following goals are defined in terms of the Learning Outcomes, according to the level for Masters, defined in RD 1027/2011, 15th July. With regard to KNOWLEDGE ACQUISITION, at the end of the course the student will be able to: 1a. Know and understand the objectives of IT security. 1b. Know and understand the threats and vulnerabilities of information systems. 1c. Know and understand how Big Data analytics may help to address the introduced threats. 1d. Know and understand in detail the application of Big Data analytics techniques to assess the level of risk of an IT system. With regard to SKILLS ATTAINMENT, students will be able to: 2a. Identify vulnerabilities and threats on digital information systems. 2b. Investigate the main threats and vulnerabilities of information stored or processed in a system in a particular environment. 2c. Find and select appropriate Big Data analytics techniques to protect an IT system, taking into account the legal framework. 2d. Apply Big Data analytics techniques to determine the risk level of a given IT system. 2e. Investigate and develop technical essays on security issues in new environments subject of study. 2f. Take responsibility in a professional environment for tasks related to the research, evaluation and implementation of Big data techniques for security and risk assessment. With regard to ATTITUDES, after completing the course students should have: 3a. A critical attitude within the field of Big data analytics for security. 3b. A cooperative and team work attitude to obtain the documentation and data needed to analyze and assess the risks of particular IT systems. 3c. A positive attitude to teamwork to coordinate the different points of view (legal, operational, procedural) of the actors involved in the protection of IT systems. The primary objective for students is to learn how to apply Big Data analytics mechanisms for IT security and privacy purposes. Subordinated to this overall goal, the student will be able to choose the most suitable technique considering the goals (e.g. protecting a given system, reacting against an incident, assessing the risk level) and the existing restrictions (e.g. available data, legal issues, organizational aspects).

The programme is divided into five main sections: 1.Introduction to big data & security Information security concepts are introduced, defining those which are especially relevant in the context of Big Data and corporative systems. 2.Security information sources Tools and techniques to collect and manage security data will be presented. In this way, the security of a network could be monitorized to detect threats. 3.Security data analysis. SIEMs are introduced as a tool to manage security events at a large scale. The use of SIEM will be linked to security information sources previously learnt. Besides, the relevance of logs management will be described. 4.Security data visualization. Tools and techniques for the efficient visualization of security data will be explained, together with existing risks in high scale corporative networks. 5. Privacy preservation in big data and legal aspects. Cryptographic primitives to design privacy-preserving and secure protocols in distributed environments will be described. Recent advances for privacy preserving data analysis, data sanitization and retrieval will be discussed as well. Finally, privacy rules and policies linked to Big Data management will be introduced, emphasizing those related to corporative environments.

Teaching methodology will include: (1) theoretical lectures and teaching material. To facilitate their development students will receive class notes and other documents in the web tool along with relevant basic texts. (1.5 ECTS) (2) A practical approach encouraging research and further discussion of real case studies of processes and practices on IT security (1.5 ECTS) Lectures are aimed mainly at achieving knowledge objectives while practical and problem solving seek to develop attitudes and skills.