Anomaly Detection in Cyber Security with Graph-Based LSTM in Log Analysis
Intrusion detection systems utilize the analysis of log data to effectively detect anomalies. However, detecting anomalies quickly and effectively in large and heterogeneous log data can be challenging. To address this difficulty, this study proposes the GLSTM (Graph-based Long Short-Term Memory) fr...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Akif AKGUL
2023-11-01
|
| Series: | Chaos Theory and Applications |
| Subjects: | |
| Online Access: | https://dergipark.org.tr/en/download/article-file/3355185 |
| _version_ | 1797295303876935680 |
|---|---|
| author | Yuksel Celık Yusuf Alaca Sanjay Goel |
| author_facet | Yuksel Celık Yusuf Alaca Sanjay Goel |
| author_sort | Yuksel Celık |
| collection | DOAJ |
| description | Intrusion detection systems utilize the analysis of log data to effectively detect anomalies. However, detecting anomalies quickly and effectively in large and heterogeneous log data can be challenging. To address this difficulty, this study proposes the GLSTM (Graph-based Long Short-Term Memory) framework, a graph-based deep learning model that analyzes log data to detect cyber-attacks rapidly and effectively. The framework involves standardizing the complex and diverse log data, training this data on an artificial intelligence model, and detecting anomalies. Initially, the complex and diverse log data is transformed into graph data using Node2Vec, enabling efficient and rapid analysis on the artificial intelligence model. Subsequently, these graph data are trained using LSTM (Long Short-Term Memory), Bi-LSTM, and GRU(Gated Recurrent Unit) deep learning algorithms. The proposed framework is tested using Hadoop’s HDFS dataset, collected from different systems and heterogeneous sources, as well as the BGL and IMDB datasets. Experimental results on the selected datasets demonstrate high levels of success. |
| first_indexed | 2024-03-07T21:45:46Z |
| format | Article |
| id | doaj.art-caaad7157bb4451192494f7ad7660ecf |
| institution | Directory Open Access Journal |
| issn | 2687-4539 |
| language | English |
| last_indexed | 2024-03-07T21:45:46Z |
| publishDate | 2023-11-01 |
| publisher | Akif AKGUL |
| record_format | Article |
| series | Chaos Theory and Applications |
| spelling | doaj.art-caaad7157bb4451192494f7ad7660ecf2024-02-25T19:10:00ZengAkif AKGULChaos Theory and Applications2687-45392023-11-015318819710.51537/chaos.13483021971Anomaly Detection in Cyber Security with Graph-Based LSTM in Log AnalysisYuksel Celık0Yusuf Alaca1Sanjay Goel2KARABUK UNIVERSITYHITIT UNIVERSITYUniversity at AlbanyIntrusion detection systems utilize the analysis of log data to effectively detect anomalies. However, detecting anomalies quickly and effectively in large and heterogeneous log data can be challenging. To address this difficulty, this study proposes the GLSTM (Graph-based Long Short-Term Memory) framework, a graph-based deep learning model that analyzes log data to detect cyber-attacks rapidly and effectively. The framework involves standardizing the complex and diverse log data, training this data on an artificial intelligence model, and detecting anomalies. Initially, the complex and diverse log data is transformed into graph data using Node2Vec, enabling efficient and rapid analysis on the artificial intelligence model. Subsequently, these graph data are trained using LSTM (Long Short-Term Memory), Bi-LSTM, and GRU(Gated Recurrent Unit) deep learning algorithms. The proposed framework is tested using Hadoop’s HDFS dataset, collected from different systems and heterogeneous sources, as well as the BGL and IMDB datasets. Experimental results on the selected datasets demonstrate high levels of success.https://dergipark.org.tr/en/download/article-file/3355185anomaly detectiongraphnode2vecdeep learningcyber securityhdfs |
| spellingShingle | Yuksel Celık Yusuf Alaca Sanjay Goel Anomaly Detection in Cyber Security with Graph-Based LSTM in Log Analysis Chaos Theory and Applications anomaly detection graph node2vec deep learning cyber security hdfs |
| title | Anomaly Detection in Cyber Security with Graph-Based LSTM in Log Analysis |
| title_full | Anomaly Detection in Cyber Security with Graph-Based LSTM in Log Analysis |
| title_fullStr | Anomaly Detection in Cyber Security with Graph-Based LSTM in Log Analysis |
| title_full_unstemmed | Anomaly Detection in Cyber Security with Graph-Based LSTM in Log Analysis |
| title_short | Anomaly Detection in Cyber Security with Graph-Based LSTM in Log Analysis |
| title_sort | anomaly detection in cyber security with graph based lstm in log analysis |
| topic | anomaly detection graph node2vec deep learning cyber security hdfs |
| url | https://dergipark.org.tr/en/download/article-file/3355185 |
| work_keys_str_mv | AT yukselcelık anomalydetectionincybersecuritywithgraphbasedlstminloganalysis AT yusufalaca anomalydetectionincybersecuritywithgraphbasedlstminloganalysis AT sanjaygoel anomalydetectionincybersecuritywithgraphbasedlstminloganalysis |