A real-time, collaborative host-based intrusion detection system leveraging bigbird embeddings and Deep q-learning

Abstract

This dissertation presents a smart system for detecting cyber-attacks on computers by analyzing system activity in real time. The system focuses on information collected from Linux operating systems and uses recent advances in artificial intelligence to identify suspicious behavior. It processes system logs, transforms them into a form that a machine can understand, and uses a learning agent to decide whether the activity is normal or potentially harmful. The system improves over time by learning from its own experience. It is designed to respond quickly to threats while minimizing false alarms, and it can be deployed across different machines to share knowledge. Overall, this work aims to provide a modern and adaptive solution for enhancing computer security.