Automating Cybersecurity: Analysis of Network Logs using Machine Learning and a Web Application

This thesis aims to enhance the usage of automated network traffic analysis for identifying coordinated attacker groups, which is crucial for cybersecurity operations. Network traffic analysis involves monitoring and analyzing network traffic data to spot security concerns. The proposed machine learning framework that was already developed, DarkVec, can automatically recognize groups of IP addresses that work together and categorize network traffic, using supervised machine learning techniques. The suggested web application can improve the effectiveness of network traffic analysis, reducing the impact of cyberattacks and strengthening overall cybersecurity posture of a network. The proposed framework has the potential to reduce the time and resources required for network traffic analysis and improve the accuracy and reliability of the analysis results. The thesis will evaluate the effectiveness of the proposed framework using real-world network traffic data and compare the result of manual analysis and an automated one using the web application developed. This research will contribute to the development of more effective and efficient network traffic analysis techniques, with applications in the field of cybersecurity in particular network security.