References
Applied AI for Cybersecurity
This page provides a curated reading list for the module. The emphasis is on authoritative, reliable, and teaching-friendly sources that support a Level 6 course in applied AI for cybersecurity.
The readings are grouped into:
- core policy and curriculum references;
- week-by-week recommended readings;
- additional technical and contextual resources.
1. Core Curriculum and Guidance References
These sources help frame the module academically and professionally.
- QAA Subject Benchmark Statement: Computing (2022)
  A key UK reference for the academic standards and expectations of computing programmes. Useful for grounding the level, breadth, and critical focus of the module.
  Link: QAA Computing Benchmark Statement
- Warwick Module Descriptor: Artificial Intelligence for Cyber Security
  A useful example of a university module that brings together AI, cybersecurity, practical application, and critical analysis.
  Link: Warwick AI for Cyber Security Module
- CyBOK Topic Guide: AI for Security
  A strong conceptual guide for how AI techniques are used in cybersecurity contexts.
  Link: CyBOK AI for Security
- CyBOK Knowledge Guide: Security and Privacy of AI
  A foundational source for adversarial machine learning, privacy attacks, and the security of AI systems.
  Link: CyBOK Security and Privacy of AI
- NIST AI 100-2e2025: Adversarial Machine Learning — A Taxonomy and Terminology
  A highly reliable source for terminology and structured understanding of attacks and mitigations in adversarial machine learning.
  Link: NIST AML Taxonomy
- OWASP Top 10 for LLM Applications 2025
  A widely used practical security guide to risks in large language model applications.
  Link: OWASP Top 10 for LLM Applications 2025
- NCSC: AI and Cyber Security — What You Need to Know
  A concise and trustworthy UK-focused reference on the opportunities and risks of AI in cybersecurity.
  Link: NCSC AI and Cyber Security Guidance
- ENISA: Artificial Intelligence and Cybersecurity Research
  A helpful European perspective on both AI for cybersecurity and cybersecurity of AI.
  Link: ENISA AI and Cybersecurity Research
2. Week-by-Week Recommended Readings
Week 1 — Foundations of Applied AI for Cybersecurity
Core reading
- CyBOK, AI for Security
- NCSC, AI and Cyber Security: What You Need to Know
Why these matter
These readings establish the basic vocabulary of AI in cyber contexts and help students understand where AI fits into real security workflows, where it helps, and where caution is needed.
Suggested follow-up
- Warwick, Artificial Intelligence for Cyber Security module descriptor
- QAA, Computing Benchmark Statement
Week 2 — Data, Features, and Classical Machine Learning for Security Analytics
Core reading
- CyBOK, AI for Security
- Selected textbook or instructor-provided notes on:
  - supervised learning;
  - anomaly detection;
  - model evaluation;
  - class imbalance.
Recommended supporting textbooks
- Géron, A.
  Hands-On Machine Learning with Scikit-Learn, Keras, and TensorFlow
  A very accessible practical source for supervised learning, preprocessing, model evaluation, and hands-on workflows.
- Bishop, C. M.
  Pattern Recognition and Machine Learning
  A more formal but classic reference for students who want deeper theoretical foundations.
- James, G., Witten, D., Hastie, T., Tibshirani, R.
  An Introduction to Statistical Learning
  A very useful reference for classification, validation, and model comparison.
Suggested teaching note
For this week, it is often better to complement formal reading with an instructor-led notebook and structured lab handout.
Week 3 — Deep Learning and Generative AI in Cybersecurity
Core reading
- CyBOK, AI for Security
- OWASP, Top 10 for LLM Applications 2025
- NCSC, selected AI guidance material
Recommended supporting textbooks
- Goodfellow, I., Bengio, Y., Courville, A.
  Deep Learning
  A classic deep learning reference.
- Instructor-selected introductory material on NLP and LLMs
  Used for explaining why language models matter in cyber workflows such as alert summarisation, phishing analysis, and analyst support.
Suggested focus
Students should not try to become deep learning specialists in one week. The reading should support practical understanding of where deep learning and LLMs are useful, and what their limits are.
Week 4 — Attacking and Defending AI Systems
Core reading
- CyBOK, Security and Privacy of AI
- NIST, Adversarial Machine Learning — A Taxonomy and Terminology
- OWASP, Top 10 for LLM Applications 2025
Why these matter
These are the most important structured references for the “security of AI” side of the module. Together they cover evasion, poisoning, privacy attacks, model extraction, prompt injection, insecure output handling, and defensive thinking.
Suggested follow-up
- NCSC, Guidelines for Secure AI System Development
  Link: NCSC Secure AI Development Guidelines
Week 5 — Trustworthy Deployment, Governance, and Capstone Case Study
Core reading
- NCSC, AI and Cyber Security: What You Need to Know
- ENISA, Artificial Intelligence and Cybersecurity Research
- CyBOK, Security and Privacy of AI
Recommended additional reading
- NCSC, Why cyber defenders need to be ready for frontier AI
  Link: NCSC Frontier AI and Cyber Defence
Suggested focus
Students should use these readings to think beyond model performance and reflect on assurance, monitoring, governance, accountability, and deployment risk.
3. Recommended Books
The following books are suitable as broader supporting references.
- Sarker, I. H.
  AI-Driven Cybersecurity and Cyber Threat Intelligence
  Useful for connecting machine learning and cybersecurity application areas.
- Géron, A.
  Hands-On Machine Learning with Scikit-Learn, Keras, and TensorFlow
  Excellent for practical machine-learning workflows.
- Bishop, C. M.
  Pattern Recognition and Machine Learning
  Stronger theoretical depth.
- Goodfellow, I., Bengio, Y., Courville, A.
  Deep Learning
  Strong conceptual reference for neural methods.
- James, G., Witten, D., Hastie, T., Tibshirani, R.
  An Introduction to Statistical Learning
  Very suitable for upper-level students who need a clear route into model comparison and evaluation.
4. Journals and Venues for Advanced Reading
Students who want to explore beyond the taught material may consult papers from:
- IEEE Transactions on Information Forensics and Security
- IEEE Transactions on Dependable and Secure Computing
- IEEE/ACM Transactions on Networking
- Computers & Security
- Computer Networks
- Journal of Network and Computer Applications
- ACM CCS
- IEEE S&P
- NDSS
- USENIX Security
These are not required weekly readings, but they are useful for coursework, case studies, and independent research.
5. Suggested Referencing Practice for Students
Students should be encouraged to use a mix of:
- authoritative guidance documents;
- peer-reviewed academic papers;
- technically trustworthy standards or security bodies;
- course notes and lab outputs where appropriate.
Students should avoid relying heavily on:
- anonymous blog posts;
- marketing material from vendors;
- unsourced AI-generated claims;
- low-quality summaries without evidence.
6. Notes for This Course Website
A practical next step is to create one short reading section at the end of each weekly lecture page, linking directly back to the most relevant sources from this page.
For example:
- Week 1 → CyBOK AI for Security, NCSC AI guidance
- Week 2 → Géron, ISLR, selected notebook
- Week 3 → OWASP LLM Top 10, deep learning text, guided lab
- Week 4 → NIST AML taxonomy, CyBOK Security and Privacy of AI
- Week 5 → NCSC, ENISA, trustworthy deployment discussion
Summary
The references in this module are intentionally selective. The aim is not to overwhelm students with reading, but to give them a credible, current, and well-structured reading backbone for applied AI in cybersecurity.