Leverging graphbased Analysis and Deep learning for Dynamic cloud forensic profiling operations

Leverging graphbased Analysis and Deep learning for Dynamic cloud forensic profiling operations

연구 분야: Analysis

학회: ICIMMI '23: Proceedings of the 5th International Conference on Information Management & Machine Intelligence

As cloud computing environments become increasingly complex and ubiquitous, the need for robust, real-time, and adaptive forensic capabilities becomes paramount. Cloud-based threats continue to evolve, thereby challenging traditional forensic methods. The inadequacy of existing techniques not only compromises security but also hampers the timely identification of cyber threats, leading to potentially severe financial and operational consequences. Current approaches to cloud forensics often rely on isolated data sources and traditional machine learning techniques, which limit their adaptability and contextual awareness. These methods suffer from several limitations, including a lack of real-time processing capabilities, insufficient coverage of heterogeneous data sources, and limited effectiveness in handling dynamic cloud configurations. This paper presents a novel framework that leverages Long Short-Term Memory (LSTM) based Graph Analysis for relational data processing, Deep Q-Network (DQN) for intelligent decision-making, and Gated Recurrent Units (GRU) coupled with Recurrent Neural Networks (RNN) for dynamic user profiling operations. This synergistic approach offers a unique combination of adaptability, real-time processing operations, and deep contextual understandings. We demonstrate that our framework improves the precision of attack event classification by 4.5%, accuracy by 8.3%, recall by 4.9%, and the Area under the Curve (AUC) by 5.5% across various scenarios. These advancements contribute significantly to minimizing false positives and false negatives, enhancing real-time threat identification and user-specific anomaly detection processes. By addressing the shortcomings of existing methods, this paper paves the way for a new generation of adaptive, efficient, and effective cloud forensic systems, thereby significantly augmenting the security posture of modern cloud computing environments.