An autoML network traffic analyzer for cyber threat detection

Timely detection and effective treatment of cyber-attacks for protecting personal and sensitive data from unauthorized disclosure constitute a core demand of citizens and a legal obligation of organizations that collect and process personal data. SMEs and organizations understand their obligation to comply with GDPR and protect the personal data they have in their possession. They invest in advanced and intelligent solutions to increase their cybersecurity posture. This article introduces a ground-breaking Network Traffic Analyzer, a crucial component of the Cyber-pi project's cyber threat intelligent information sharing architecture (CTI2SA). The suggested system, built on the Lambda (lambda) architecture, enhances active cybersecurity approaches for traffic analysis by combining batch and stream processing to handle massive amounts of data. The Network Traffic Analyzer's core module has an automatic model selection mechanism that selects the ML model with the highest performance among its rivals. The goal is to keep the architecture's overall threat identification capabilities functioning effectively.