Logo do repositório
 
Miniatura
Publicação

Next‐Generation Network Management: Harnessing AI to Automate Operations

2025-10-31Dissertação de mestrado Acesso embargado
http://hdl.handle.net/10400.8/14727
Utilize este identificador para referenciar este registo.
Nome:Descrição:Tamanho:Formato: 
Dissertation__Next_Generation_Network_Management.pdf11.86 MBAdobe PDF Ver/Abrir

Autores

Vieira, Gabriel Madeira

Orientador(es)

Fuentes, Daniel Alexandre Lopes
Frazão, Luís Alexandre Lopes
Correia, Luís Filipe Jesus
Costa, Nuno Alexandre Ribeiro da
Pereira, António Manuel de Jesus

Resumo(s)

Cybersecurity infrastructures face constant challenges, including increasingly sophisticated threats, the rising costs of Security Operations Centres (SOCs), and a growing shortage of skilled professionals. To address these issues, this dissertation proposes an AI-based architectural framework designed to automate network security and enhance threat mitigation. The proposed framework integrates Software-Defined Networking (SDN) and Security Information and Event Management (SIEM) with AI-driven Intrusion Detection and Prevention Systems (IDS/IPS). It incorporates a lightweight Large Language Model (LLM) under 4GB, trained on MikroTik documentation to translate user intent into network commands. In addition, several machine learning models are trained and evaluated for real-time threat detection, supported by a digital twin and a sandbox for configuration testing. Three specialised datasets from scraped documentation and available APIs—pretraining, QA, and reasoning—were developed, totalling 74,482 records. A web interface and REST APIs provide accessibility. Experimental results show that the AI models achieve a 74% LLM generated command execution success rate, substantially surpassing the 8% untrained baseline, and the selected machine learning classifier attains a 94.84% F1-score for threat detection, thereby supporting the validity of the proposed approach. This proposed architecture demonstrates how AI-driven automation can offer organisations a scalable, cost-effective, and practical alternative to traditional SOCs, which are often resource-intensive and require specialized personnel, strengthening resilience against contemporary cybersecurity threats and enabling multi-vendor support through adaptable data sources.

Descrição

Palavras-chave

Cybersecurity AI-driven security Network automation Large language models Intrusion detection Software-defined networking

URI

http://hdl.handle.net/10400.8/14727

Contexto Educativo

Citação

Projetos de investigação

Unidades organizacionais

Fascículo

Editora

Coleções

ESTG - Mestrado em Cibersegurança e Informática Forense

Licença CC

cclicense-by