Cyber threats are rapidly evolving, demanding sophisticated defense mechanisms. This paper presents a novel cyber threat detection system leveraging Artificial Neural Networks (ANNs) to enhance intrusion detection capabilities. The system incorporates data preprocessing techniques, including feature scaling, encoding, and dimensionality reduction, to optimize ANN performance. A state-of-the-art ANN model is employed to analyze network traffic, identify anomalies, and detect intrusions in real time. The system integrates with MongoDB for efficient data storage and retrieval, facilitating further analysis and reporting. By harnessing the adaptability and learning capabilities of ANNs, the proposed system aims to provide a robust, scalable, and efficient solution for detecting emerging cyber threats while minimizing false positives. The results demonstrate significant improvements in detection accuracy and response time compared to traditional methods, contributing to the advancement of AI-powered cybersecurity solutions.
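The abstract names the preprocessing steps (feature scaling, encoding) and the ANN classifier but does not show them. The following is an added illustration, not code from the paper or its authors: a pure-Python pipeline that one-hot encodes the protocol field, z-scores the numeric flow features, and trains a one-hidden-layer network with full-batch gradient descent to separate constructed benign flows from flood- and sweep-like flows. The flow records, field names and thresholds are constructed for the example; dimensionality reduction is omitted here.

```python
import math
import random

# Constructed sample flow records (not from the paper):
# (protocol, duration_s, bytes, packets, distinct_dst_ports, label) with label 1 = intrusion.
FLOWS = [
    ("tcp", 1.2, 1500, 12, 1, 0),
    ("tcp", 0.8, 900, 9, 1, 0),
    ("udp", 0.5, 600, 6, 1, 0),
    ("tcp", 2.0, 3200, 20, 2, 0),
    ("icmp", 0.1, 64, 1, 1, 0),
    ("tcp", 30.0, 400000, 9000, 1, 1),  # volumetric flood: many packets, long duration
    ("udp", 25.0, 350000, 8000, 1, 1),  # UDP flood
    ("tcp", 5.0, 2000, 400, 300, 1),    # port sweep: many distinct destination ports
]
PROTOCOLS = ["tcp", "udp", "icmp"]  # categorical vocabulary for one-hot encoding


def one_hot(value, categories):
    """Encode a categorical value as a 0/1 vector over a fixed vocabulary."""
    return [1.0 if value == c else 0.0 for c in categories]


def zscore_params(columns):
    """Per-column (mean, std) for feature scaling; std floored to avoid division by zero."""
    params = []
    for col in columns:
        mean = sum(col) / len(col)
        var = sum((x - mean) ** 2 for x in col) / len(col)
        params.append((mean, max(math.sqrt(var), 1e-9)))
    return params


def preprocess(flows):
    """Return (X, y, scaling params): one-hot protocol + z-scored numeric fields."""
    numeric = [[f[i] for f in flows] for i in range(1, 5)]
    params = zscore_params(numeric)
    X, y = [], []
    for f in flows:
        scaled = [(f[i + 1] - m) / s for i, (m, s) in enumerate(params)]
        X.append(one_hot(f[0], PROTOCOLS) + scaled)
        y.append(f[5])
    return X, y, params


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


class TinyANN:
    """One hidden layer (sigmoid) + sigmoid output, trained with binary cross-entropy."""

    def __init__(self, n_in, n_hidden, seed=7):
        rng = random.Random(seed)  # fixed seed keeps the example reproducible
        self.w1 = [[rng.uniform(-0.5, 0.5) for _ in range(n_in)] for _ in range(n_hidden)]
        self.b1 = [0.0] * n_hidden
        self.w2 = [rng.uniform(-0.5, 0.5) for _ in range(n_hidden)]
        self.b2 = 0.0

    def forward(self, x):
        h = [sigmoid(sum(w * xi for w, xi in zip(row, x)) + b) for row, b in zip(self.w1, self.b1)]
        out = sigmoid(sum(w * hi for w, hi in zip(self.w2, h)) + self.b2)
        return h, out

    def fit(self, X, y, epochs=3000, lr=0.5):
        n = len(X)
        for _ in range(epochs):
            gw1 = [[0.0] * len(self.w1[0]) for _ in self.w1]
            gb1 = [0.0] * len(self.b1)
            gw2 = [0.0] * len(self.w2)
            gb2 = 0.0
            for x, t in zip(X, y):
                h, out = self.forward(x)
                d_out = out - t  # dL/dz at the output for BCE + sigmoid
                for j, hj in enumerate(h):
                    gw2[j] += d_out * hj
                    d_h = d_out * self.w2[j] * hj * (1.0 - hj)  # backprop through hidden sigmoid
                    for i, xi in enumerate(x):
                        gw1[j][i] += d_h * xi
                    gb1[j] += d_h
                gb2 += d_out
            for j in range(len(self.w2)):  # apply averaged gradients after the full batch
                self.w2[j] -= lr * gw2[j] / n
                self.b1[j] -= lr * gb1[j] / n
                for i in range(len(self.w1[j])):
                    self.w1[j][i] -= lr * gw1[j][i] / n
            self.b2 -= lr * gb2 / n

    def predict(self, x):
        return 1 if self.forward(x)[1] >= 0.5 else 0


def train_detector(flows=FLOWS, epochs=3000):
    """Preprocess, train, and return (model, scaling params, training accuracy)."""
    X, y, params = preprocess(flows)
    model = TinyANN(len(X[0]), n_hidden=4)
    model.fit(X, y, epochs=epochs)
    acc = sum(model.predict(x) == t for x, t in zip(X, y)) / len(y)
    return model, params, acc


if __name__ == "__main__":
    _, _, acc = train_detector()
    print(f"training accuracy: {acc:.2f}")
```

The scaling parameters returned by `preprocess` must be saved alongside the model: at inference time new flows are scaled with the training-set mean and standard deviation, not re-scaled on their own, otherwise the z-scores shift and the decision boundary no longer applies.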
Introduction
Traditional cybersecurity solutions, such as signature-based and heuristic techniques, struggle to keep pace with rapidly evolving cyber threats like advanced persistent threats (APTs) and zero-day exploits. These methods are effective against known threats but are limited in detecting new or rapidly changing attack patterns. To address these challenges, this study proposes an Artificial Neural Network (ANN)-based framework for intelligent and adaptive cyber threat identification.
Key Features of the Proposed System
Adaptive Threat Detection: The system utilizes machine learning to analyze both historical and real-time network data, enabling it to detect risks such as Distributed Denial-of-Service (DDoS) attacks, unauthorized access, and data exfiltration—even when attack signatures are unknown.
Continuous Learning: The ANN model continuously examines system activity and network data, improving detection accuracy and reducing false positives over time.
Real-Time Alerts and Simplified Analysis: Integration with MongoDB ensures efficient data storage and retrieval, facilitating real-time warnings and simplified analysis.
Scalability and Adaptability: The scalable solution goes beyond conventional techniques, providing robust defense against both known and unknown cyber threats by identifying complex patterns and adapting to new threats.
System Architecture
The system architecture comprises four key layers:
User Interface Layer: Provides a dashboard for user interaction, displaying real-time alerts, threat reports, and analytics results.
Application Layer: Houses machine learning models that analyze network traffic for anomalies and known attack patterns.
Data Layer: Stores raw data such as network traffic logs and threat intelligence data for analysis.
Integration Layer: Interacts with external security systems and threat intelligence sources to enhance detection and response capabilities.
Methodology
The proposed cyber threat detection system is based on a robust and comprehensive framework that ensures smooth and efficient integration of different components to enhance security. Key components include:
User Interface (UI): Developed using modern frontend frameworks like React.js or Angular, providing real-time threat detection alerts, visualization of system metrics, and customizable threat rules.
Data Collection & Log Aggregation: Aggregates data from various sources, including network traffic, system logs, and external threat intelligence feeds, supporting multiple data sources like Syslog, SNMP traps, and network devices.
Data Storage: Utilizes MongoDB or PostgreSQL for secure data storage, with Elasticsearch facilitating the search and analysis of large data volumes.
Threat Detection Engine: Employs advanced algorithms, including statistical models like Isolation Forest, signature-based intrusion detection using tools like Snort and Suricata, and heuristic methods powered by machine learning models.
Real-Time Data Processing: Handles stream processing on network traffic and system logs, detecting suspicious patterns and providing real-time notifications for potential threats.
Alert Management & Notification System: Tracks and alerts users to detected threats, with notifications delivered through email, SMS, or messaging applications.
Reporting & Analytics: Provides insights into system performance, detected threats, and incident response actions through periodic and on-demand reports, utilizing tools like Grafana, Kibana, and Tableau.
System Monitoring & Maintenance: Monitors system performance, including CPU, memory, and disk usage, alerting for system failures or performance issues, and ensuring scheduled updates to threat detection models and signatures.
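The Real-Time Data Processing and Alert Management components above describe stream processing over system logs with notifications for suspicious patterns. As an added example (not code from the paper), the following detector consumes syslog-style sshd lines one at a time, keeps a sliding window of failed logins per source address, and emits a structured alert document of the kind that could be stored in MongoDB or forwarded to a notification channel. The log lines, addresses, threshold and window are constructed for the example; the alert field names are assumptions, not a schema from the paper.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd log lines in syslog format (not from the paper); addresses are
# documentation ranges, hostnames and PIDs are made up.
SAMPLE_LOG = """\
Mar 12 10:00:01 gw sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2
Mar 12 10:00:03 gw sshd[2102]: Failed password for root from 203.0.113.5 port 51023 ssh2
Mar 12 10:00:04 gw sshd[2103]: Accepted publickey for alice from 192.0.2.10 port 40110 ssh2
Mar 12 10:00:06 gw sshd[2104]: Failed password for root from 203.0.113.5 port 51024 ssh2
Mar 12 10:00:08 gw sshd[2105]: Failed password for invalid user test from 203.0.113.5 port 51025 ssh2
Mar 12 10:00:09 gw sshd[2106]: Failed password for invalid user oracle from 203.0.113.5 port 51026 ssh2
Mar 12 10:00:30 gw sshd[2107]: Failed password for bob from 198.51.100.7 port 60001 ssh2
Mar 12 10:02:00 gw sshd[2108]: Failed password for bob from 198.51.100.7 port 60002 ssh2
"""

# Parses the timestamp, outcome, user and source address of an sshd auth line.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \S+ for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


class BruteForceDetector:
    """Sliding-window counter: one alert per source when failed logins within
    `window` seconds reach `threshold`."""

    def __init__(self, threshold=5, window=60):
        self.threshold = threshold
        self.window = timedelta(seconds=window)
        self.failures = defaultdict(deque)  # src -> timestamps of recent failures
        self.alerted = set()                # sources already reported (suppress repeats)

    def process(self, line):
        """Feed one log line; return an alert dict or None."""
        m = LINE_RE.match(line)
        if not m or m["result"] != "Failed":
            return None
        # syslog timestamps carry no year; the default year is fine for relative ordering
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
        q = self.failures[m["src"]]
        q.append(ts)
        while q and ts - q[0] > self.window:  # drop failures outside the window
            q.popleft()
        if len(q) >= self.threshold and m["src"] not in self.alerted:
            self.alerted.add(m["src"])
            return {
                "type": "ssh_bruteforce",      # assumed alert schema, constructed here
                "src": m["src"],
                "count": len(q),
                "last_user": m["user"],
                "timestamp": ts.isoformat(),
                "severity": "high",
            }
        return None


def run_stream(lines, threshold=5, window=60):
    """Run the detector over an iterable of lines and collect the alerts."""
    det = BruteForceDetector(threshold, window)
    return [a for a in (det.process(line) for line in lines) if a]


if __name__ == "__main__":
    for alert in run_stream(SAMPLE_LOG.splitlines()):
        print(alert)
```

With the constructed input, 203.0.113.5 produces five failures within eight seconds and triggers a single alert at the fifth line, while 198.51.100.7 has two failures ninety seconds apart and stays below the one-minute window. Widening the window or lowering the threshold trades sensitivity against false positives, which is the tuning the paper's alert management layer would expose.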
Results and Analysis
The system demonstrates the ability to detect cyber threats using a trained dataset, with predictions of anomalies along with timestamps, showcasing its effectiveness in identifying and responding to potential security incidents.
In summary, the proposed ANN-based cyber threat detection system offers a comprehensive and adaptive solution to modern cybersecurity challenges, combining advanced machine learning techniques with efficient data handling to protect organizational networks against a wide range of cyber threats.
Conclusion
This paper has presented the design and prototyping of a Cyber Threat Detection System that aims to improve the security posture of organizations by identifying and countering threats as they occur. It utilizes a combination of network traffic captures, user activity recordings, and machine learning tools to identify threats and anomalies, and then assigns a severity level to each threat. The integration of automatic mitigation methods, such as isolation of a compromised network and sending alerts, allows appropriate actions to be taken on the compromised network to limit further damage. The capability of the system to monitor computer networks in real time, analyze information, and make predictions about possible attacks enables a more robust style of cybersecurity. Visualization tools reduce the time security teams take to understand a problem and to address it. Although this substantial system provides an excellent basis for responding to threats in cyberspace, future work will explore more advanced machine learning models, incorporate a broader spectrum of security tools, and improve the system's scalability to serve the needs of contemporary networks.