Data Science for Security and Fraud
This 4-week course provides an introduction to tackling digital security and fraud challenges using Python and data science. This course covers common cybersecurity issues with bots and human fraudsters alike, and introduces data science frameworks for identifying and addressing these issues. You will get hands-on experience playing the fraudster yourself, then you will build solutions to identify malicious behavior and will design ways to stop it. The data sources and data science methods covered in this course can help data scientists develop new skills in digital security and fraud detection.
Course taught by expert instructors
Yiing Chau Mak
Head of Data at MetaMap
Mak is currently Head of Data at MetaMap. Previously, he led data science at Shape Security, where he helped Fortune 500 companies detect and stop malicious traffic – by bad bots, bad humans, and everything in between. As Director of Data Science at F5 (which acquired Shape), he built a real-time machine learning-based system that tackled many digital security and fraud challenges, such as fake account creation, account takeover, and unemployment claims. In his past life, Mak worked at the intersection of cybersecurity, cybercrime and personal data protection at the Cyber Security Agency of Singapore, where he led the creation of Singapore’s cybersecurity legislation and strategy.
Learn and apply skills with real-world projects.
Data scientists and analysts who are curious about the security and fraud space, or who need to defend their organizations and products from online fraud and abuse
Cybersecurity practitioners and fraud/abuse/trust and safety analysts who want to tackle online security and fraud problems at scale
- Ability to write Python fluently, and manipulate data within Python.
- Basic understanding of statistics and probability.
- Data science and fraud/security experience are not required.
Try these prep courses first
For this project, you will be the bad actor! You will examine a real (live) web application, then will build and deploy a script/system that attempts to take over accounts on the application. Your actual goal is trying to steal from a bank as much money as possible!
- How web applications work and how web content is delivered over the Internet
- How to inspect websites and web/API traffic
- How to think about web-application security: core security paradigms, what “identity” really means online, how attackers evolve over time, and some thoughts on rule-based vs. AI/ML security systems
- How to think like an attacker: common vulnerabilities and process/security loopholes in web applications, how to probe for those vulnerabilities, and top techniques employed by attackers (it’s not all about technology)
You will analyze logs from the web server/application you "attacked" last week, and will use anomaly-detection techniques to identify and profile any suspected automated (bot) logins to the web application.
- How to analyze web-application data
- What qualifies as “useful” data for security and fraud, where to obtain such data, and how to process and analyze it
- All about bots: how they work, how they manifest in web traffic, and why they are necessary to commit fraud at scale
- How to engineer useful features for bot detection with concepts like traffic entropy, and use readily available log data to develop such features
You will develop a model to classify transactions as “legitimate human”, “fraudster”, or “bot”, with features derived from user-interaction data like mouse movements and keystrokes. You will get to work with clean, high-quality, labeled data!
- What kinds of signals are available via the browser
- How humans and bots interact with websites and how to differentiate the two
- How good (legitimate human) users and human fraudsters interact with websites and how to differentiate the two
You will set up your own graph and will ingest some real transaction data into the graph to identify potentially fraudulent transactions that are related to a number of "seed" fraud indicators.
- Graphs 101: why we use graphs, how they work, and other key concepts
- How graphs can be applied to solve security and fraud challenges: possible frameworks and key considerations
- How to set up your own graph (using TigerGraph as an example), ingest data, and start analyzing
Work on projects that bring your learning to life.
Made to be directly applicable in your work.
Live access to experts
Sessions and Q&As with our expert instructors, along with real-world projects.
Network & community
Core reviews a study groups. Share experiences and learn alongside a global network of professionals.
Support & accountability
We have a system in place to make sure you complete the course, and to help nudge you along the way.
Get reimbursed by your company
More than half of learners get their Courses and Memberships reimbursed by their company.
Hundreds of companies have dedicated L&D and education budgets that have covered the costs.
Course success stories
Learn together and share experiences with other industry professionals
Amazing class! I was especially drawn in by the projects. I loved balance of scaffolding to independence—we had an almost endless ability to explore different possibilities, whether it was poking around for vulnerabilities on a practice website or sifting through huge datasets to look for patterns that might signal fraud. This class made me excited about what you can do with data science!
Mak is the real deal. In a space that's flooded with hype and FUD, Mak brings actionable knowledge to the table by focusing his curriculum on the highest impact practical problems in security and risk. The diversity of his professional experience means that you will not only get top-tier technical instruction on the applying data science to fraud problems, but will also get a rare opportunity to combine this with attacker economics and philosophy. This is not a course to miss.
I thought the material was relevant, well structured and presented, and the assignments were thoughtful and thought provoking.