Research area: Safety
Venue: 2025 International Conference on Emerging Technologies in Engineering Applications (ICETEA)
Detecting anomalies in log information is vital for safeguarding digital infrastructures, as unusual patterns may indicate potential security threats. As log data volume and complexity grow, Security Operations Center (SOC) analysts face increasing difficulty in responding swiftly. This study explores AI-driven anomaly detection, focusing on the Isolation Forest algorithm. It integrates Endpoint Detection and Response (EDR) tools, pivoting techniques, process tree analysis, and summarization methods to enhance threat detection. Additionally, it develops process tree frameworks and provides actionable insights for SOC analysts. The findings show that AI-based log analysis can address current limitations and improve the detection of advanced threats. The paper concludes by highlighting key outcomes and suggesting directions for future work.
| Publication year | 2025 |
|---|---|
| Citations | 5 |
| Country of publication | India |
| Site | IEEE |
| Likes | 0 |