Research Article

Automating Cybersecurity: Leveraging Event Logs for Real-Time Security Insights and Proactive Defense

by Benjamin Ghansah
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 186 - Number 69
Year of Publication: 2025
Authors: Benjamin Ghansah
10.5120/ijca2025924540

Benjamin Ghansah . Automating Cybersecurity: Leveraging Event Logs for Real-Time Security Insights and Proactive Defense. International Journal of Computer Applications. 186, 69 ( Feb 2025), 23-30. DOI=10.5120/ijca2025924540

@article{ 10.5120/ijca2025924540,
author = { Benjamin Ghansah },
title = { Automating Cybersecurity: Leveraging Event Logs for Real-Time Security Insights and Proactive Defense },
journal = { International Journal of Computer Applications },
issue_date = { Feb 2025 },
volume = { 186 },
number = { 69 },
month = { Feb },
year = { 2025 },
issn = { 0975-8887 },
pages = { 23-30 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume186/number69/automating-cybersecurity-leveraging-event-logs-for-real-time-security-insights-and-proactive-defense/ },
doi = { 10.5120/ijca2025924540 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

The growing complexity of cybersecurity and the limited availability of skilled professionals contribute to the vulnerability of systems. Security experts traditionally use event logs to evaluate system security, identify vulnerabilities, and uncover potential cyberattacks. Analyzing these logs can be challenging and time-consuming, particularly for those without specialized expertise. To overcome this challenge, automated systems are crucial for assisting both security professionals and non-specialists in analyzing security events. This research presents a novel method for automating the extraction and use of knowledge from security event logs. A new framework is presented that combines Association Rule Mining and Causal Inference to identify patterns and causal relationships within event log data. By leveraging machine learning techniques, the system automatically extracts critical security information and translates it into actionable recommendations for non-expert users, eliminating the need for continuous human intervention. The framework was experimentally validated in a university network environment at the University of Education, Winneba (UEW), where it demonstrated 92% accuracy in event correlation, 95% accuracy in causal inference, and 85% usability for non-expert users. The proposed system significantly reduces the time and cost associated with manual log analysis, offering a cost-effective and scalable solution that can enhance security across both small and large-scale environments. The findings highlight the potential of this method to improve system security while reducing reliance on specialized expertise, making it highly applicable in commercial contexts.
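As an added illustration (not the paper's code), the association-rule half of the framework run over a constructed set of Windows Security event IDs: each host's set of distinct events is one transaction, rules are scored by support and confidence, and each rule is rendered as a plain-language note for a non-expert reader. The sample events, host names and thresholds are assumptions.

```python
from itertools import combinations
from collections import Counter

# Constructed sample (host, Windows Security event ID) pairs; not from the paper.
# 4625 = failed logon, 4624 = successful logon, 4672 = special privileges assigned.
SAMPLE_EVENTS = [
    ("ws01", "4625"), ("ws01", "4625"), ("ws01", "4624"), ("ws01", "4672"),
    ("ws02", "4625"), ("ws02", "4624"), ("ws02", "4672"),
    ("ws03", "4625"), ("ws03", "4624"),
    ("ws04", "4624"), ("ws04", "4672"),
    ("ws05", "4625"), ("ws05", "4624"), ("ws05", "4672"),
    ("ws06", "4624"),
]

def build_transactions(events):
    """Group events by host into sets of distinct event IDs (one set per host)."""
    tx = {}
    for host, eid in events:
        tx.setdefault(host, set()).add(eid)
    return list(tx.values())

def mine_rules(transactions, min_support=0.5, min_confidence=0.7):
    """Apriori-style mining of single-antecedent rules A -> B.
    support(X) = fraction of transactions containing X;
    confidence(A -> B) = support({A, B}) / support({A})."""
    n = len(transactions)
    item_count = Counter(i for t in transactions for i in t)
    frequent = {i for i, c in item_count.items() if c / n >= min_support}
    pair_count = Counter()
    for t in transactions:
        for pair in combinations(sorted(frequent & t), 2):
            pair_count[pair] += 1
    rules = []
    for (a, b), c in pair_count.items():
        sup = c / n
        if sup < min_support:
            continue
        for ant, cons in ((a, b), (b, a)):
            conf = c / item_count[ant]
            if conf >= min_confidence:
                rules.append((ant, cons, round(sup, 2), round(conf, 2)))
    # Strongest rules first: by confidence, then support, then antecedent.
    return sorted(rules, key=lambda r: (-r[3], -r[2], r[0]))

def recommend(rules):
    """Translate each mined rule into a plain-language note for non-expert users."""
    return [f"Hosts logging event {a} also log event {b} in {int(conf * 100)}% of cases "
            f"(pattern seen on {int(sup * 100)}% of hosts); review those hosts together."
            for a, b, sup, conf in rules]
```

With the sample above, the rule 4625 -> 4624 (failed logons followed by a success on the same host) comes out with full confidence, which is the kind of pattern the framework is meant to surface for review.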

Index Terms

Computer Science
Information Sciences

Keywords

Computer security, Event logs, Association rule mining, Knowledge management, Information acquisition