Authors :

Mehdi Esfahani and Hossein Ghasemi

Address :

Department of Computer Engineering, Sharif University of Technology, Azadi Avenue, Tehran, Iran.

Department of Information Technology, Ferdowsi University of Mashhad, Azadi Square, Mashhad, Iran.

Abstract :

The increasing frequency of cyberattacks has made anomaly detection in cybersecurity logs a vital area of research. Pattern mining models are commonly used to uncover suspicious behavior hidden within massive log data. However, existing anomaly detection methods often suffer from issues such as low detection accuracy, high false alarm rates, and poor optimization of pattern relevance. To address these challenges, this paper proposes a novel Bald Eagle Search Optimized Pattern Mining (BES-OPM) framework. Inspired by the intelligent foraging behavior of bald eagles, the BES algorithm is utilized to optimize the pattern mining process by enhancing feature selection and reducing noise, enabling efficient identification of significant log patterns. The BES-OPM model extracts frequent and rare patterns from system logs and detects deviations that indicate potential security breaches. This approach is efficient for identifying complex threats such as insider attacks and advanced persistent threats. Experimental results show that the proposed method outperforms existing techniques in terms of accuracy (85 %) and Detection (21%). The findings demonstrate the potential of BES-OPM as a robust and intelligent model for anomaly detection in cybersecurity systems.

Keywords :

Anomaly Detection, Bald Eagle Search, Pattern Mining, Cybersecurity Logs, Optimization Algorithm, Insider Threats.

DOI :