This chapter gets into the techniques of data analytics, focusing on the three pillars of data mining, namely clustering, classification, and association rule mining, and how each can be used for cybersecurity. This chapter can be seen as a crash course in data mining. It begins with an understanding of the overall knowledge discovery and data mining process models and follows the elements of the data life cycle. This chapter outlines foundational elements such as measures of similarity and measures of evaluation. It outlines the landscape of various algorithms in clustering, classification, and frequent and rare patterns.

This chapter discusses several key directions such as data analytics in cyberphysical systems, multidomain mining, machine Learning concepts such as deep learning, generative adversarial networks, and challenges of model reuse. Last but not the least, the chapter closes with thoughts on ethical thinking in the data analytics process.

Focusing on what are anomalies are and more specifically what are anomalies in the cybersecurity domain, this chapter discusses some of the features of anomalies.

This chapter highlights the various types of cyberattacks and how data analytics methods can potentially be used to analyze these attacks.

This chapter brings in the human-centered data analytics perspective to cybersecurity.

Focusing on understanding sources of cybersecurity data, this chapter explores the end-to-end opportunities for data collection. It goes on to discuss the sources of cybersecurity data and how multiple datasets can be leveraged in understanding cyber threats.

This chapter focuses on techniques of detecting anomalies, starting with some of the basic statistical techniques and going into data analytics techniques.

Delving into the specifics of spatial and temporal analytics, this chapter explores topics such as spatial neighborhood and temporal evolution of large amounts of network traffic data.

This chapter extends the ideas of complex data by looking into cybersecurity through network and graph data.

This chapter introduces the basic concepts of cybersecurity and the data analytics perspective to cybersecurity. It lays out the areas of study and how data analytics should be a key part of the spectrum of cybersecurity solutions.

Focusing on the big data elements of cybersecurity, this chapter looks at the landscape of the big data technologies and the complexities of the different types of data, including spatial and graph data. It outlines examples in these complex data types and how they can be evaluated using data analytics.