Government Pavilion, C/ Padre Herrera s/n
Post Office Box 456
38200, San Cristobal de La Laguna
Santa Cruz de Tenerife - Spain
Switchboard Tel.: (+34) 922 31 90 00
Hours: Mon, 8:00 a.m. to 9:00 p.m.
AI applications in
Cybersecurity
AI Applications in Cybersecurity
Overview
This training program equips students to understand the limitations of traditional security methods and recognize the opportunities that Artificial Intelligence offers in solving diverse cybersecurity challenges. Throughout the course, participants will learn to select, prepare, and enrich suitable datasets to train models for detecting threats and anomalous behavior. They will also develop the skills necessary to build and evaluate a complete case study, applying supervised and unsupervised learning techniques, and analyzing the results along with the ethical and privacy implications associated with the use of AI in security environments.
- Analyze the limitations of traditional security methods and identify the opportunities that Artificial Intelligence offers to address different types of cybersecurity problems.
- Select, prepare and expand suitable datasets for training AI models applied to the detection of threats and anomalous behaviors.
- Develop and evaluate a complete cybersecurity case study, implementing supervised and unsupervised models, assessing their results and ethical and privacy implications.
If you do not hold a bachelor's degree, students enrolled in undergraduate or master's degree programs will be accepted, preferably those in the fields of Engineering and Architecture and Science, as these provide the necessary technical and analytical foundation for understanding the course content. Undergraduate degrees at the University of La Laguna considered particularly relevant include:
Engineering and Architecture Branch
- Bachelor's Degree in Computer Engineering
- Bachelor's Degree in Industrial Electronics and Automation Engineering
- Bachelor's Degree in Mechanical Engineering
- Bachelor's Degree in Industrial Chemical Engineering
- Bachelor's Degree in Civil Engineering
- Degree in Technical Architecture
- Bachelor's Degree in Marine Technologies
- Degree in Nautical Studies and Maritime Transport
Branch of Sciences
- Bachelor's Degree in Mathematics
- Bachelor's Degree in Physics
- Bachelor's Degree in Chemistry
- Bachelor's Degree in Biology
- Bachelor's Degree in Environmental Sciences
Students and graduates from other fields of knowledge, such as Social Sciences and Law, Health Sciences or Arts and Humanities, may also be admitted, provided they demonstrate interest or experience in areas related to technology, data analysis, programming or digital innovation.
Academic program
Block 0 – Cyber-AI Startup and Context
Introduction to the working environment: Python (scikit-learn, pandas, numpy) and Google Colab. Limitations of Traditional Security: The problem of the volume, speed and variety of threats (signatures vs. behavior).
AI Opportunities: Proactive detection, behavioral analysis, automated response.
Taxonomy of Problems: Problem Identification (Intrusion, Malware, Phishing, Fraud)
Block 1 – Specific Data and Preprocessing
Identification of public dataset sources (CIC-IDS2017, NSL-KDD, etc.) and structure of their content according to each type of problem.
Preprocessing Techniques: Encoding (One-Hot, Label), Scaling (StandardScaler, MinMaxScaler).
Class Imbalance Management: The problem of "attacks" vs. "normal traffic".
Synthetic Data Generation: Oversampling techniques (e.g., SMOTE) to balance fraud or intrusion datasets.
Block 2 – Supervised Learning (Detection of Known Threats)
Fundamentals of Classification: Logistic Regression, Decision Trees.
Robust Models: Random Forest and Gradient Boosting (XGBoost) for high accuracy. Practical Case 1: Malware Detection Using static features for binary classification (benign vs. malicious).
Practical Case 2: Phishing Detection Classification of URLs or emails based on their characteristics (lexical, structural).
Block 3 – Unsupervised Learning (Detection of Anomalies) (10 h)
Clustering Algorithms: K-Means, to find groups of similar behavior. Specific Anomaly Detection Algorithms: Isolation Forest and One-Class SVM.
Practical Case: Intrusion Detection Identifying network traffic that deviates from learned "normal" behavior.
Practical Case: Behavior Analysis Modeling of a user's baseline and detection of deviations (e.g., anomalous access).
Block 4 – Evaluation, Ethics and Challenges
Validation Strategies: Train/Test split and Cross Validation (K-Fold).
Key Metrics in Cybersecurity:
The Tyranny of Accuracy: Why accuracy is a misleading metric.
Confusion Matrix: The cost of False Positives (blocking a legitimate user) vs. False Negatives (allowing an attack).
Accuracy, Recall, F1-Score and ROC/AUC Curve.
Ethics, Biases, and Privacy:
Privacy in data analysis (e.g., network traffic).
Biases in datasets
Block 5 – Integrative Project (Case Study)
Problem Formulation: Selecting a Use Case
Dataset Selection and Documentation: Searching for and justifying the dataset to be used. End-to-End Pipeline Development:
Loading and preprocessing
Model selection and training
Robust evaluation with appropriate metrics
Results Analysis: Interpretation of the confusion matrix and justification of the model choice.
Regarding the way to organize the teaching to achieve the objectives set out in the micro-credential, the organizational modality summarized below will be followed:
– Lectures/expository method: presentation or explanation by the teaching staff.
– Seminars: carrying out exercises, solving problems or practical cases, others.
– Individual work: individual preparation of assignments/projects/reports, portfolio, …
– Assessment: written tests, oral tests, practical tests, …
– Tutoring: instruction period in which teachers and students interact with the aim of reviewing and discussing materials and topics presented in class.
– Exhibitions, debates and presentation of works and projects: activities supervised by the teaching staff.
The training activities to be carried out during the delivery of the micro-credential will be:
- Theoretical classes: expository, explanatory or demonstration sessions of the contents and knowledge.
- Practical classes in a computer room or laboratory.
- Work: preparation of an individual project or study.
- Self-employment.
- Evaluation: conducting applied tests and exercises.
Assessment tests:
– Objective tests (true/false, multiple choice, test type, fill-in-the-blank, ordering, etc.): These are measurement instruments that allow the evaluation of knowledge, skills, performance, aptitudes, etc. The answers are closed-ended, thus promoting objectivity during the scoring process.
– Case, exercise and problem solving: tests in which students must solve, in a reasoned manner, within a certain time, and according to the established criteria, the cases, exercises or problems posed by the teaching staff, with the aim of applying the knowledge acquired.
– Oral presentation and defense of topics, assignments, etc.: oral presentation on a topic related to the micro-credential content or on the results of an assignment, exercise, or project, followed by a discussion with the teaching staff. This can be done individually or in a group.
General information
Credits: 2 ECTS
Duration: 27/01/2026 -10/02/2026
Teaching modality: Virtual
Location: Virtual Classroom/Higher School of Engineering and Technology
Registration
More information
Short courses available in various formats (in-person, online, or hybrid). Ideal for learning without interrupting your professional life.
Content created and delivered by professionals and experts in the field, designed for immediate application.
Endorsed by the University of La Laguna. You will receive an official ECTS certificate, valid in the European Higher Education Area.
Teaching staff
Tuition
Registration link
Registration fee with or without discount
Tuition fees subsidized by the Cybersecurity Chair of the University of La Laguna C065/23, financed by the National Cybersecurity Institute (INCIBE) and funds from the Recovery, Transformation and Resilience Plan – Next Generation EU funds.
