A4 Article in conference proceedings
Analysing Multidimensional Strategies for Cyber Threat Detection in Security Monitoring (2024)


Shelke, P., & Hämäläinen, T. (2024). Analysing Multidimensional Strategies for Cyber Threat Detection in Security Monitoring. In M. Lehto (Ed.), Proceedings of the 23rd European Conference on Cyber Warfare and Security (23, pp. 748-755). Academic Conferences International Ltd. Proceedings of the European Conference on Cyber Warfare and Security. https://doi.org/10.34190/eccws.23.1.2123


JYU authors or editors


Publication details

All authors or editors: Shelke, Palvi; Hämäläinen, Timo

Parent publication: Proceedings of the 23rd European Conference on Cyber Warfare and Security

Parent publication editors: Lehto, Martti

Conference:

  • European Conference on Cyber Warfare and Security

Place and date of conference: Jyväskylä, Finland, 27.-28.6.2024

ISBN: 978-1-917204-06-4

eISBN: 978-1-917204-07-1

Journal or series: Proceedings of the European Conference on Cyber Warfare and Security

ISSN: 2048-8602

eISSN: 2048-8610

Publication year: 2024

Publication date: 21/06/2024

Volume: 23

Issue number: 1

Pages range: 748-755

Number of pages in the book: 847

Publisher: Academic Conferences International Ltd

Publication country: United Kingdom

Publication language: English

DOI: https://doi.org/10.34190/eccws.23.1.2123

Persistent website address: https://papers.academic-conferences.org/index.php/eccws/issue/view/33

Publication open access: Openly available

Publication channel open access: Open Access channel

Publication is parallel published (JYX): https://jyx.jyu.fi/handle/123456789/96198


Abstract

The escalating risk of cyber threats requires continuous advances in security monitoring techniques. This survey paper provides a comprehensive overview of recent research into novel methods for cyber threat detection, encompassing diverse approaches such as machine learning, artificial intelligence, behavioral analysis and anomaly detection. Machine learning plays a central role in cyber threat detection, and the reviewed work highlights the effectiveness of deep neural networks in identifying evolving threats. Their adaptability to changing attack patterns is emphasized, underlining their importance for real-time security monitoring. In parallel, ensemble learning is explored, combining multiple models to improve overall detection accuracy and create a robust defense against a spectrum of cyber threats. The literature reviewed highlights the importance of behavioral analysis, with a novel approach that integrates user behavior profiling with anomaly detection. This has proven effective in identifying suspicious activity within a network, particularly insider threats and stealthy attacks. Another behavioral framework using User and Entity Behavior Analytics (UEBA) is presented for enhanced anomaly detection, highlighting the importance of context-aware monitoring in improving threat detection accuracy. Collaborative defense mechanisms emerge as a major focus of the research papers reviewed, exploring the potential of sharing threat information between organisations to enhance collective security monitoring. Their findings underscore the importance of a collaborative approach to staying ahead of rapidly evolving cyber threats. Some types of cyber-attacks are also analysed in the context of a security operations centre (SOC) monitoring environment using a security information and event management (SIEM) tool, Splunk.
In conclusion, this survey paper synthesizes recent advances in cyber threat detection methods in security monitoring that integrate machine learning, behavioral analysis, and collaborative defense strategies. As cyber threats continue to evolve, these novel methods provide valuable insights for researchers, practitioners, and organisations seeking to strengthen their cybersecurity defenses. This overview emphasises the multi-dimensional approach required to secure digital ecosystems, providing a concise yet comprehensive guide to modern cyber threat detection strategies.


Keywords: cyber security; safety and security; machine learning; data security

Free keywords: SIEM and Splunk monitoring; security monitoring; machine learning; behavioral analysis; anomaly detection; threat intelligence


Contributing organizations


Ministry reporting: Yes

VIRTA submission year: 2024

Preliminary JUFO rating: 1


Last updated on 2024-14-09 at 20:05