International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 186 - Number 69
Year of Publication: 2025
Authors: Benjamin Ghansah
Benjamin Ghansah. Automating Cybersecurity: Leveraging Event Logs for Real-Time Security Insights and Proactive Defense. International Journal of Computer Applications. 186, 69 (Feb 2025), 23-30. DOI=10.5120/ijca2025924540
The growing complexity of cybersecurity and the limited availability of skilled professionals contribute to the vulnerability of systems. Security experts traditionally use event logs to evaluate system security, identify vulnerabilities, and uncover potential cyberattacks. Analyzing these logs can be challenging and time-consuming, particularly for those without specialized expertise. To overcome this challenge, automated systems are crucial for assisting both security professionals and non-specialists in analyzing security events. This research presents a novel method for automating the extraction and use of knowledge from security event logs. A new framework is presented that combines Association Rule Mining and Causal Inference to identify patterns and causal relationships within event log data. By leveraging machine learning techniques, the system automatically extracts critical security information and translates it into actionable recommendations for non-expert users, eliminating the need for continuous human intervention. The framework was experimentally validated in a university network environment at the University of Education, Winneba (UEW), where it demonstrated 92% accuracy in event correlation, 95% accuracy in causal inference, and 85% usability for non-expert users. The proposed system significantly reduces the time and cost associated with manual log analysis, offering a cost-effective and scalable solution that can enhance security across both small and large-scale environments. The findings highlight the potential of this method to improve system security while reducing reliance on specialized expertise, making it highly applicable in commercial contexts.
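To make the Association Rule Mining step concrete, the following added example (not code from the paper or from UEW) mines single-antecedent rules with support and confidence over constructed per-host event-type sets and maps a mined rule to plain-language advice; the session data, thresholds and the ADVICE table are assumptions for illustration, and the causal-inference stage is not shown.

```python
"""Association-rule mining over security event logs (added illustration).

Each "session" is the set of event types observed for one host in a time
window. Rules {A} -> {B} with high support and confidence are the kind of
pattern a framework like the one described would pass on to causal analysis
and turn into recommendations for non-expert operators.
"""
from collections import Counter
from itertools import permutations

# Constructed sample sessions (event types per host/window); not real data.
SESSIONS = [
    {"failed_login", "failed_login_burst", "account_lockout"},
    {"failed_login", "failed_login_burst", "account_lockout", "new_admin_user"},
    {"failed_login", "successful_login"},
    {"successful_login", "file_download"},
    {"failed_login", "failed_login_burst", "account_lockout"},
    {"successful_login"},
]

# Constructed operator-facing advice keyed by (antecedent, consequent).
ADVICE = {
    ("failed_login_burst", "account_lockout"):
        "Bursts of failed logins precede lockouts: enable MFA and rate-limit logins.",
}


def mine_rules(sessions, min_support=0.3, min_confidence=0.8):
    """Return {(A, B): (support, confidence)} for rules A -> B that pass thresholds."""
    n = len(sessions)
    item_count = Counter(e for s in sessions for e in s)
    # Ordered pairs, so A -> B and B -> A are scored separately.
    pair_count = Counter(p for s in sessions for p in permutations(sorted(s), 2))
    rules = {}
    for (a, b), c in pair_count.items():
        support = c / n                 # fraction of sessions containing both
        confidence = c / item_count[a]  # P(B | A)
        if support >= min_support and confidence >= min_confidence:
            rules[(a, b)] = (round(support, 2), round(confidence, 2))
    return rules


def recommendations(rules):
    """Translate mined rules into plain-language recommendations."""
    return [ADVICE[r] for r in rules if r in ADVICE]


if __name__ == "__main__":
    found = mine_rules(SESSIONS)
    for rule, (sup, conf) in sorted(found.items()):
        print(f"{rule[0]} -> {rule[1]}: support={sup}, confidence={conf}")
    print(recommendations(found))
```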