AI & Machine Learning
Completed

Security Automation with GenAI

AI-driven cybersecurity threat detection system using Transformers.

Nov - Dec 2025 | Team: SOC Intern Project | Role: AI Developer

About this Project

Security Automation with GenAI is a research-driven project at the intersection of deep learning and cybersecurity. It applies Transformer architectures with an Adaptive Attention mechanism to automate the detection of complex threats such as SQL injection, DDoS and network intrusions, providing a defense framework for modern digital infrastructure.

Tech Stack

Python
TensorFlow
Keras
Transformers
Pandas
Scikit-learn
Adaptive Attention

Tools Used

VS Code
Jupyter Notebook
Google Colab
Wireshark

Key Features

Threat Intelligence

  • SQLi Transformer: Contextual learning model that recognizes malicious SQL patterns in HTTP requests.
  • Phishing BERT: Bidirectional analysis of URLs and email text to identify deceptive social engineering attempts.
  • Malware Classification: Network traffic sequence analysis to detect C2 communications.

Network Defense

  • Adaptive DDoS Protection: Real-time traffic analysis using dynamic attention weights for spike detection.
  • Intrusion Detection: High-precision classification of unauthorized access patterns using UNSW-NB15 datasets.
  • MitM Identification: Anomaly detection in communication sequences to identify packet interception.

Research Domains

  • Zero-Day Detection: Unsupervised learning approach to identify previously unmapped attack behaviors.
  • Ransomware Prediction: Sequence modeling for sudden encryption patterns in packet data.
  • Insider Threat Analysis: Comprehensive user activity log analysis for unusual access patterns.

Performance Analytics

  • Comprehensive Metrics: Evaluation using precision-recall curves, F1-scores, and confusion matrices.
  • Visual Insights: Deep data distribution analysis using Matplotlib and Seaborn.
  • Temporal Analysis: Tracking data flow over time to identify slow-burning Advanced Persistent Threats (APTs).
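The metrics named above matter most on imbalanced intrusion data, where attacks are a small minority and plain accuracy hides missed detections. The following is an added example (not code from the project) that computes a confusion matrix, precision, recall and F1 at a chosen threshold, sweeps thresholds to produce precision-recall curve points, and compares against a predict-everything-benign baseline. The labels and detector scores are constructed for illustration.

```python
"""Evaluating a binary threat detector on a constructed, imbalanced sample.

Added illustration, not the project's own code. Assumes a detector that emits a
score in [0, 1] per network flow, with 1 = attack and 0 = benign as labels.
"""
from typing import Dict, List, Sequence, Tuple

# Constructed ground truth: 4 attack flows followed by 16 benign flows.
Y_TRUE: List[int] = [1, 1, 1, 1] + [0] * 16

# Constructed hypothetical detector scores, aligned with Y_TRUE.
SCORES: List[float] = [
    0.95, 0.85, 0.60, 0.35,                          # attacks
    0.05, 0.10, 0.15, 0.20, 0.25, 0.30, 0.40, 0.55,  # benign
    0.02, 0.04, 0.06, 0.08, 0.12, 0.14, 0.16, 0.18,  # benign
]


def predict(scores: Sequence[float], threshold: float) -> List[int]:
    """Flag a flow as an attack when its score reaches the threshold."""
    return [1 if s >= threshold else 0 for s in scores]


def confusion_matrix(y_true: Sequence[int], y_pred: Sequence[int]) -> Dict[str, int]:
    """Count true/false positives and negatives for binary labels."""
    counts = {"tp": 0, "fp": 0, "fn": 0, "tn": 0}
    for truth, pred in zip(y_true, y_pred):
        if truth == 1 and pred == 1:
            counts["tp"] += 1
        elif truth == 0 and pred == 1:
            counts["fp"] += 1
        elif truth == 1 and pred == 0:
            counts["fn"] += 1
        else:
            counts["tn"] += 1
    return counts


def metrics(y_true: Sequence[int], y_pred: Sequence[int]) -> Dict[str, float]:
    """Accuracy, precision, recall and F1 from the confusion counts.

    Precision and recall are defined as 0.0 when their denominator is zero
    (no predicted positives / no actual positives), so a detector that flags
    nothing scores 0 rather than raising.
    """
    cm = confusion_matrix(y_true, y_pred)
    tp, fp, fn, tn = cm["tp"], cm["fp"], cm["fn"], cm["tn"]
    total = tp + fp + fn + tn
    accuracy = (tp + tn) / total if total else 0.0
    precision = tp / (tp + fp) if (tp + fp) else 0.0
    recall = tp / (tp + fn) if (tp + fn) else 0.0
    f1 = 2 * precision * recall / (precision + recall) if (precision + recall) else 0.0
    return {"accuracy": accuracy, "precision": precision, "recall": recall, "f1": f1}


def precision_recall_points(
    y_true: Sequence[int], scores: Sequence[float], thresholds: Sequence[float]
) -> List[Tuple[float, float, float]]:
    """(threshold, precision, recall) for each threshold: the PR curve points."""
    points = []
    for t in thresholds:
        m = metrics(y_true, predict(scores, t))
        points.append((t, m["precision"], m["recall"]))
    return points


def baseline_all_benign(y_true: Sequence[int]) -> Dict[str, float]:
    """Metrics for a detector that never raises an alert."""
    return metrics(y_true, [0] * len(y_true))


if __name__ == "__main__":
    for name, m in (("detector@0.5", metrics(Y_TRUE, predict(SCORES, 0.5))),
                    ("all-benign baseline", baseline_all_benign(Y_TRUE))):
        print(name, {k: round(v, 3) for k, v in m.items()})
    for t, p, r in precision_recall_points(Y_TRUE, SCORES, [0.3, 0.5, 0.7]):
        print(f"threshold={t:.1f} precision={p:.3f} recall={r:.3f}")
```

On this sample the all-benign baseline reaches 0.80 accuracy while detecting nothing, and the detector at threshold 0.5 reaches 0.90 accuracy with precision and recall of 0.75; the threshold sweep shows the usual trade-off, with recall rising to 1.0 at 0.3 as precision drops. Reporting precision, recall and F1 alongside the confusion matrix, as the project does, is what makes that difference visible.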

Highlights

Transformer-Based SQLi Detection
Adaptive Attention for DDoS
Multi-Modal Data Fusion

Installation

Setup Environment

git clone https://github.com/Arfazrll/Security-Automation-GenAI.git
cd Security-Automation-GenAI
# Recommended: use a virtual environment
python -m venv .venv
source .venv/bin/activate

Install Dependencies

pip install tensorflow pandas numpy matplotlib seaborn scikit-learn jupyter

Run Research Notebooks

cd [target_source_dir]
jupyter notebook
# Open the .ipynb files in the notebook subdirectory

Challenges & Solutions

Challenge

Signature-Based Limitations

Solution

Replaced static signature matching with Transformer models that learn from request behavior and context, so detection no longer depends on a known signature for each attack variant.

Challenge

Dynamic Attack Patterns

Solution

Developed an Adaptive Attention mechanism that dynamically adjusts focus to specific traffic segments during active DDoS attempts.

Challenge

Multi-Modal Data Synchronization

Solution

Engineered a data fusion pipeline to integrate network traffic, file logs, and process behavior into a unified Transformer input layer.
