AI-Powered Log Analysis for Proactive Threat Detection in Enterprise Networks
Keywords: AI-powered log analysis, proactive threat detection, machine learning, anomaly detection
Abstract
AI-powered log analysis has become a crucial component of modern security frameworks, enabling proactive threat detection in enterprise networks. The growing volume and sophistication of cyber threats make it necessary to adopt advanced analytical techniques that go beyond traditional rule-based security systems. This paper investigates the implementation of machine-learning-based log analytics for anomaly detection, focusing on platforms such as ELK (Elasticsearch, Logstash, Kibana) and New Relic.
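To make the contrast between a static rule and a learned per-entity baseline concrete, here is an added, self-contained example (not code from the paper, and not the authors' method). It counts failed logins per account from constructed JSON log documents that use Elastic Common Schema style field names (@timestamp, user.name, source.ip, event.outcome, as Filebeat or Logstash would ship them to Elasticsearch), then scores each account against its own seven-day history with a robust z-score (median and MAD). The baseline counts, the log lines, the account names and the thresholds are all invented for illustration.

```python
"""Static rule vs. per-account baseline anomaly detection over auth logs.

Added example, not from the paper. All data below is constructed.
"""
import json
import statistics
from collections import Counter

# Constructed 7-day baseline: daily failed-login counts per account, the kind
# of series an analyst would pull from an Elasticsearch date_histogram over
# event.outcome:failure. Values are invented for this example.
BASELINE = {
    "alice": [2, 1, 3, 2, 2, 1, 2],
    "bob": [20, 18, 25, 22, 19, 21, 24],   # noisy, but consistently noisy
    "svc-backup": [0, 0, 0, 0, 0, 0, 0],   # service account: never fails
}


def _doc(ts, user, ip, outcome):
    """Build one ECS-style JSON log document (constructed sample data)."""
    return json.dumps({"@timestamp": ts, "user.name": user,
                       "source.ip": ip, "event.outcome": outcome})


# Constructed "today": bob is as noisy as always, alice is normal, the
# service account sees four slow failures from an external address, and
# carol is a new account with no history at all.
TODAY_LOGS = (
    [_doc("2024-01-08T08:%02d:00Z" % m, "alice", "10.0.0.5", "failure") for m in (3, 17)]
    + [_doc("2024-01-08T09:%02d:00Z" % m, "bob", "10.0.0.9", "failure") for m in range(23)]
    + [_doc("2024-01-08T%02d:15:00Z" % h, "svc-backup", "203.0.113.7", "failure") for h in (2, 7, 13, 21)]
    + [_doc("2024-01-08T10:%02d:00Z" % m, "carol", "10.0.0.12", "failure") for m in (1, 2, 3)]
    + [_doc("2024-01-08T11:00:00Z", "alice", "10.0.0.5", "success")]
)


def count_failures(log_lines):
    """Parse JSON log documents and count failed logins per account."""
    counts = Counter()
    for line in log_lines:
        doc = json.loads(line)
        if doc.get("event.outcome") == "failure":
            counts[doc["user.name"]] += 1
    return counts


def rule_based(counts, threshold=10):
    """Traditional static rule: flag any account with more than N failures."""
    return sorted(u for u, n in counts.items() if n > threshold)


def robust_z(value, history, min_scale=1.0):
    """Robust z-score: (x - median) / (1.4826 * MAD).

    The scale is floored at min_scale so a perfectly quiet history
    (MAD == 0) does not divide by zero; with the floor, each extra failure
    on a silent account is worth one unit of z.
    """
    med = statistics.median(history)
    mad = statistics.median(abs(x - med) for x in history)
    scale = max(1.4826 * mad, min_scale)
    return (value - med) / scale


def baseline_anomalies(counts, baseline, z_threshold=3.0, min_history=5):
    """Score each account against its own history.

    Returns (flagged, unscored). Accounts with too little history are
    reported separately instead of being silently scored against nothing.
    """
    flagged, unscored = [], []
    for user, n in sorted(counts.items()):
        history = baseline.get(user, [])
        if len(history) < min_history:
            unscored.append(user)
            continue
        if robust_z(n, history) >= z_threshold:
            flagged.append(user)
    return flagged, unscored


if __name__ == "__main__":
    counts = count_failures(TODAY_LOGS)
    print("failures today:", dict(counts))
    print("rule-based    :", rule_based(counts))       # ['bob']
    print("baseline      :", baseline_anomalies(counts, BASELINE))
    # (['svc-backup'], ['carol'])
```

The static rule fires on bob, whose 23 failures are ordinary for that account, and misses svc-backup, whose four failures sit far below the threshold but are unprecedented for a service account. The baseline detector inverts both outcomes. Two caveats a practitioner should carry into production: the MAD floor is a modelling choice (without it, any deviation on a zero-variance account is infinite), and the baseline window must be clean, since an attacker already present during the seven training days becomes part of "normal".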