AI-driven Data Analytics for Cyber Threat Intelligence and Anomaly Detection

AI-driven Data Analytics for Cyber Threat Intelligence and Anomaly Detection

연구 분야: Safety

학회: 2025 3rd International Conference on Advancement in Computation & Computer Technologies (InCACCT)

Cyber threats are evolving rapidly, making traditional malware detection approaches insufficient in handling sophisticated attacks such as zero-day exploits, polymorphic malware, and advanced persistent threats. As a solution to these problems, this study presents a novel hybrid AI-based data analysis framework for cyber threat intelligence and anomaly detection. We specifically proposed a model that combines autoencoders, random forests, and CNN-LSTM architectures to improve anomaly detection and classification. The dataset used for training and evaluation is the Microsoft Malware Dataset, a publicly available dataset. The AE-RF module learns the normal behavior of the system to detect abnormal behavior, and the CNN-LSTM model identifies spatial and temporal properties of malware for execution patterns. This article ensures that the dataset is well-preprocessed, including feature extraction, PCA, and SMOTE for class balancing to provide optimal model performance. The experimental results show that AE-RF has an area under curve (AUC) score of 0.91 and CNN-LSTM has 0.94, which demonstrates that unsupervised and supervised techniques together have high classification accuracy. This hybrid approach not only improves malware detection accuracy but also enhances cyber threat intelligence by providing interpretable insights into attack patterns. The study concludes that integrating multiple AI techniques can significantly improve cybersecurity defenses against evolving threats, paving the way for real-time, AI-powered malware detection solutions.