Abstract
This paper presents an innovative method for IP Address Reputation (IPR) validation that uses machine learning (ML) to discover malicious IPs, while also considering the security of applications installed on Amazon Web Services (AWS) servers. The verified ML, SANS and Abuse DB datasets are integrated through the Wazuh Security Operation Centre (SOC) stage to address IP address-related issues at the log-ingestion level. With IP extraction from the Wazuh agents integrated, the output matches the MITRE ATT&CK framework-filtered IP addresses from the Wazuh SOC. The algorithms and models, which are based on natural language processing, use machine learning to flag suspicious patterns across IPs and prevent a cyber attack at the time it occurs. This integration not only improves cybersecurity information by distributing it from a single source, but also provides security findings and other resources to demonstrate and maintain awareness of malicious IPs. The final solution blocks as many bad IPs as possible in the 'IP-List' of AWS WAF and, when they are added to the Blacklist automatically, checks them through an automatic ML-based signature validation process.
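The flow the abstract describes, from Wazuh alerts to an AWS WAF IP list, as an added Python example that is not code from the paper. The field names `rule.mitre.id` and `data.srcip` follow Wazuh's alert JSON; the sample alerts, the reputation scores (standing in for the paper's ML/SANS/Abuse DB verdict), the 0.8 threshold and the `NEVER_BLOCK` ranges are constructed assumptions.

```python
import ipaddress
import json

# Constructed alerts in the shape of Wazuh alerts.json lines (not real data).
SAMPLE_ALERTS = """\
{"rule": {"id": "5712", "mitre": {"id": ["T1110"]}}, "data": {"srcip": "203.0.113.7"}}
{"rule": {"id": "5712", "mitre": {"id": ["T1110"]}}, "data": {"srcip": "203.0.113.7"}}
{"rule": {"id": "31101"}, "data": {"srcip": "198.51.100.20"}}
{"rule": {"id": "5710", "mitre": {"id": ["T1110"]}}, "data": {"srcip": "10.0.4.15"}}
{"rule": {"id": "31151", "mitre": {"id": ["T1190"]}}, "data": {"srcip": "2001:db8::bad"}}
{"rule": {"id": "5710", "mitre": {"id": ["T1110"]}}, "data": {"srcip": "192.0.2.50"}}
{"rule": {"id": "5501"}, "data": {}}
not-json
"""
# Constructed scores standing in for the combined ML / SANS / Abuse DB verdict.
REPUTATION = {"203.0.113.7": 0.95, "198.51.100.20": 0.99, "10.0.4.15": 0.99,
              "2001:db8::bad": 0.90, "192.0.2.50": 0.30}
# Assumed internal ranges that must never be auto-blocked.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "fc00::/7")]

def mitre_tagged_sources(alert_lines):
    """Yield parsed source IPs from alerts whose rule carries a MITRE ATT&CK ID."""
    for line in alert_lines.splitlines():
        try:
            alert = json.loads(line)
            if not alert["rule"]["mitre"]["id"]:
                continue
            yield ipaddress.ip_address(alert["data"]["srcip"])
        except (ValueError, KeyError, TypeError):
            continue  # malformed line, untagged rule, or missing/invalid srcip

def waf_blocklist(alert_lines, reputation, threshold=0.8):
    """Return CIDR entries per address family, as AWS WAF IP sets are single-family."""
    out = {"IPV4": set(), "IPV6": set()}
    for addr in mitre_tagged_sources(alert_lines):
        if any(addr in net for net in NEVER_BLOCK):
            continue  # internal source: investigate, do not block
        if reputation.get(str(addr), 0.0) >= threshold:
            out[f"IPV{addr.version}"].add(f"{addr}/{addr.max_prefixlen}")
    return {family: sorted(cidrs) for family, cidrs in out.items()}

if __name__ == "__main__":
    print(waf_blocklist(SAMPLE_ALERTS, REPUTATION))
```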