Threat Intelligence Clustering Using Deep Embedded Clustering (Dec) for Adaptive Cyber Defense

The analysis of large cybersecurity data sets requires threat intelligence clustering because it produces better results for adaptive cyber defense systems. The deep learning approach of Deep Embedded Clustering (DEC) enhances the task of grouping complex threat patterns. K-means clustering, together with traditional methods, shows restricted success with high-dimensional and noisy data, which causes low accuracy rates. The research introduces a combined system using DEC that merges network features with clustering tasks in one deep neural network. Using autoencoders, threat data is simplified into a smaller version, while the clustering process improves its accuracy through repeated adjustments of a Kullback-Leibler (KL) divergence loss function. When DEC handles malware behaviour logs, it collects similar behaviours autonomously to detect previously unlabelled attack patterns successfully. DEC demonstrates superior performance compared to traditional algorithms by providing better accuracy, enhanced adaptability, and a broader generalisation of new threats, which improves real-time threat detection abilities.

Ҳали таржима қилинмаган