A4 Article in conference proceedings
Analysing Multidimensional Strategies for Cyber Threat Detection in Security Monitoring (2024)
Shelke, P., & Hämäläinen, T. (2024). Analysing Multidimensional Strategies for Cyber Threat Detection in Security Monitoring. In M. Lehto (Ed.), Proceedings of the 23rd European Conference on Cyber Warfare and Security (23, pp. 748-755). Academic Conferences International Ltd. Proceedings of the European Conference on Cyber Warfare and Security. https://doi.org/10.34190/eccws.23.1.2123
Publication details
All authors or editors: Shelke, Palvi; Hämäläinen, Timo
Parent publication: Proceedings of the 23rd European Conference on Cyber Warfare and Security
Parent publication editors: Lehto, Martti
Conference:
- European Conference on Cyber Warfare and Security
Place and date of conference: Jyväskylä, Finland, 27.-28.6.2024
ISBN: 978-1-917204-06-4
eISBN: 978-1-917204-07-1
Journal or series: Proceedings of the European Conference on Cyber Warfare and Security
ISSN: 2048-8602
eISSN: 2048-8610
Publication year: 2024
Publication date: 21/06/2024
Volume: 23
Issue number: 1
Pages range: 748-755
Number of pages in the book: 847
Publisher: Academic Conferences International Ltd
Publication country: United Kingdom
Publication language: English
DOI: https://doi.org/10.34190/eccws.23.1.2123
Persistent website address: https://papers.academic-conferences.org/index.php/eccws/issue/view/33
Publication open access: Openly available
Publication channel open access: Open Access channel
Publication is parallel published (JYX): https://jyx.jyu.fi/handle/123456789/96198
Abstract
The escalating risk of cyber threats requires continuous advances in security monitoring techniques. This survey paper provides a comprehensive overview of recent research into novel methods for cyber threat detection, encompassing diverse approaches such as machine learning, artificial intelligence, behavioral analysis and anomaly detection. Machine learning plays a central role in cyber threat detection, and the reviewed work highlights the effectiveness of deep neural networks in identifying evolving threats. Their adaptability to changing attack patterns is emphasized, underlining their importance for real-time security monitoring. In parallel, ensemble learning is explored, combining multiple models to improve overall detection accuracy and create a robust defense against a spectrum of cyber threats. The literature reviewed highlights the importance of behavioral analysis, with a novel approach that integrates user behavior profiling with anomaly detection. This has proven effective in identifying suspicious activity within a network, particularly insider threats and stealthy attacks. Another behavioral framework using User and Entity Behavior Analytics (UEBA) is presented for enhanced anomaly detection, highlighting the importance of context-aware monitoring in improving threat detection accuracy. Collaborative defense mechanisms emerge as a major focus of the research papers reviewed, exploring the potential of sharing threat information between organisations to enhance collective security monitoring. Their findings underscore the importance of a collaborative approach to staying ahead of rapidly evolving cyber threats. Some types of cyber-attacks are also analysed in the context of a security operations centre (SOC) monitoring environment using a security information and event management (SIEM) tool, Splunk.
In conclusion, this survey paper synthesizes recent advances in cyber threat detection methods in security monitoring that integrate machine learning, behavioral analysis, and collaborative defense strategies. As cyber threats continue to evolve, these novel methods provide valuable insights for researchers, practitioners, and organisations seeking to strengthen their cybersecurity defenses. This overview emphasises the multi-dimensional approach required to secure digital ecosystems, providing a concise yet comprehensive guide to modern cyber threat detection strategies.
Keywords: cyber security; safety and security; machine learning; data security
Free keywords: SIEM and Splunk monitoring; security monitoring; machine learning; behavioral analysis; anomaly detection; threat intelligence
Ministry reporting: Yes
VIRTA submission year: 2024
Preliminary JUFO rating: 1