Artificial intelligence analysis in cyber domain: A review
International Journal of Distributed Sensor Networks (IF 2.3), Pub Date: 2022-04-26, DOI: 10.1177/15501329221084882
Liguo Zhao 1 , Derong Zhu 2 , Wasswa Shafik 3 , S Mojtaba Matinkhah 3 , Zubair Ahmad 4 , Lule Sharif 5 , Alisa Craig 6

The application of Big Data Analytics is identified through the Cyber Research Alliance for cybersecurity as the foremost preference for future studies and advancement in the field of cybersecurity. In this study, we develop a repeatable procedure for detecting cyber-attacks in an accurate, scalable, and timely manner. An in-depth learning algorithm is utilized for training a neural network for detecting suspicious user activities. The proposed system architecture was implemented with the help of Splunk Enterprise Edition 6.42. A data set of average feature counts has been executed through a Splunk search command in 1-min intervals. All the data sets consisted of a minute trait total derived from a sparkling file. The attack patterns that were not anonymized or were indicative of the vulnerability of cyber-attack were denoted with yellow. The rule-based method dispensed a low quantity of irregular illustrations in contrast with the Partitioning Around Medoids method. The results in this study demonstrated that using a proportional collection of instances trained with the deep learning algorithm, a classified data set can accurately detect suspicious behavior. This method permits the allocation of multiple log source types through a sliding time window and provides a scalable solution, which is a much-needed function.




Updated: 2022-04-26