Publication
Next‐Generation Network Management: Harnessing AI to Automate Operations
| datacite.subject.fos | Engenharia e Tecnologia::Outras Engenharias e Tecnologias | |
| dc.contributor.advisor | Fuentes, Daniel Alexandre Lopes | |
| dc.contributor.advisor | Frazão, Luís Alexandre Lopes | |
| dc.contributor.advisor | Correia, Luís Filipe Jesus | |
| dc.contributor.advisor | Costa, Nuno Alexandre Ribeiro da | |
| dc.contributor.advisor | Pereira, António Manuel de Jesus | |
| dc.contributor.author | Vieira, Gabriel Madeira | |
| dc.date.accessioned | 2025-11-26T09:57:22Z | |
| dc.date.available | 2025-11-26T09:57:22Z | |
| dc.date.issued | 2025-10-31 | |
| dc.description.abstract | Cybersecurity infrastructures face constant challenges, including increasingly sophisticated threats, the rising costs of Security Operations Centres (SOCs), and a growing shortage of skilled professionals. To address these issues, this dissertation proposes an AI-based architectural framework designed to automate network security and enhance threat mitigation. The proposed framework integrates Software-Defined Networking (SDN) and Security Information and Event Management (SIEM) with AI-driven Intrusion Detection and Prevention Systems (IDS/IPS). It incorporates a lightweight Large Language Model (LLM) under 4GB, trained on MikroTik documentation to translate user intent into network commands. In addition, several machine learning models are trained and evaluated for real-time threat detection, supported by a digital twin and a sandbox for configuration testing. Three specialised datasets from scraped documentation and available APIs—pretraining, QA, and reasoning—were developed, totalling 74,482 records. A web interface and REST APIs provide accessibility. Experimental results show that the AI models achieve a 74% LLM generated command execution success rate, substantially surpassing the 8% untrained baseline, and the selected machine learning classifier attains a 94.84% F1-score for threat detection, thereby supporting the validity of the proposed approach. This proposed architecture demonstrates how AI-driven automation can offer organisations a scalable, cost-effective, and practical alternative to traditional SOCs, which are often resource-intensive and require specialized personnel, strengthening resilience against contemporary cybersecurity threats and enabling multi-vendor support through adaptable data sources. | eng |
| dc.identifier.tid | 204057582 | |
| dc.identifier.uri | http://hdl.handle.net/10400.8/14727 | |
| dc.language.iso | por | |
| dc.rights.uri | http://creativecommons.org/licenses/by/4.0/ | |
| dc.subject | Cybersecurity | |
| dc.subject | AI-driven security | |
| dc.subject | Network automation | |
| dc.subject | Large language models | |
| dc.subject | Intrusion detection | |
| dc.subject | Software-defined networking | |
| dc.title | Next‐Generation Network Management: Harnessing AI to Automate Operations | |
| dc.type | master thesis | |
| dspace.entity.type | Publication | |
| thesis.degree.name | Mestrado em Cibersegurança e Informática Forense |
Files
Original bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- Dissertation__Next_Generation_Network_Management.pdf
- Size:
- 11.86 MB
- Format:
- Adobe Portable Document Format
License bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- license.txt
- Size:
- 1.32 KB
- Format:
- Item-specific license agreed upon to submission
- Description: