An AI Aided Synergetic Real-Time Cyber Threat Detection, Classification and Risk Assessment for IoT Ecosystem

Abstract

In the era of smart devices and connected technologies, sophisticated cyber threats demand a combination of real-time intrusion detection and active risk assessment. This work proposes a cloud-based threat modeling framework that combines Network Intrusion Detection Systems (NIDS) with Automated Vulnerability Scanners (AVS) to improve security intelligence. The proposed system captures network traffic using a centralized IoT gateway. Vulnerability scanning is also performed using advanced tools such as Nmap and Hydra. Both network and vulnerability scan logs are periodically uploaded to Amazon S3 for centralized data logging and are then relayed to a machine learning algorithm implemented using AWS SageMaker for anomaly detection, classification and real-time risk assessment. The system detects anomalies and classifies attacks, combined with automated risk ranking, with an accuracy of almost 99%, which strengthens real-time threat monitoring compared with other existing algorithms. It represents a synergetic, scalable solution for effective cyber threat mitigation in complex IoT ecosystems and can be used for real-time intrusion detection in Security Operations Centers.
