Unified Kernel and Log Analytics Framework for Intelligent Cyber Attack Prevention in Linux Environments

Authors:
S. Premkumar, Edwin Shalom Soji

Addresses:
Department of Computer Applications, Bharath Institute of Higher Education and Research, Chennai, Tamil Nadu, India. Department of Computer Science, Bharath Institute of Higher Education and Research, Chennai, Tamil Nadu, India.

Abstract:

This study addresses a critical security gap in Linux server environments, where traditional log-based monitoring fails to detect sophisticated, low-level kernel exploits. It proposes a Unified Kernel and Log Analytics Framework that merges high-level system logs with granular kernel telemetry to create a robust intrusion detection mechanism. The Linux Audit Daemon was employed for log collection and Extended Berkeley Packet Filter tools for extracting kernel tracepoints. These distinct data streams were synchronised and processed using a Random Forest ensemble classifier to identify anomalies. The study utilises a hybrid dataset comprising 490 instances of normal and malicious behaviour, including rootkits and process injection attacks. The experimental results demonstrate that fusing kernel system call patterns with user-space logs significantly reduces false negatives compared to single-source analysis, and the framework achieved high accuracy in distinguishing between legitimate administrative activities and obfuscated malicious threads. This paper details the architecture, the data processing pipeline, and the evaluation metrics that show cross-layer visibility is essential for preventing modern cyber threats in open-source operating systems.

Keywords: Linux Security; Kernel Telemetry; Random Forest; Intrusion Prevention; Hybrid Detection; Berkeley Packet Filter; Data Processing; Log Analytics Framework; Unified Kernel.
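The fusion step described in the abstract (auditd records and eBPF syscall events aligned per process and turned into feature vectors) can be illustrated with a small script. This is an added example, not code from the paper or its authors: the auditd SYSCALL record layout and the x86_64 syscall numbers are real, but the eBPF event stream is a constructed JSON-lines schema (`ts`, `pid`, `syscall`) standing in for whatever tracepoint program the framework uses, the sample records are constructed, and the threshold rule in `flag()` is a stand-in for the paper's trained Random Forest.

```python
"""Fuse auditd SYSCALL records with eBPF-style syscall events per pid.

Added example (not the paper's code). Per-(pid, time-window) feature
vectors like these are what a classifier such as the paper's Random
Forest would be trained on; flag() is a simple rule standing in for it.
"""
import json
import re
from collections import defaultdict

# x86_64 syscall numbers as they appear in auditd SYSCALL records.
SYSCALL_NAMES = {59: "execve", 62: "kill", 101: "ptrace", 257: "openat"}

# Matches the fields we need from a real auditd SYSCALL record. The literal
# space before "pid=" keeps the non-greedy match from stopping at "ppid=".
AUDIT_RE = re.compile(
    r"type=SYSCALL msg=audit\((?P<ts>\d+\.\d+):\d+\): .*?"
    r"syscall=(?P<nr>\d+) .*? pid=(?P<pid>\d+)"
)

# Constructed sample data: one administrative process (pid 1001) that is
# visible in both streams, and one process (pid 2002) the kernel trace sees
# but for which no audit record exists.
AUDIT_LINES = [
    'type=SYSCALL msg=audit(1700000010.101:301): arch=c000003e syscall=59 '
    'success=yes exit=0 ppid=1000 pid=1001 auid=1000 uid=0 exe="/usr/bin/systemctl"',
    'type=CWD msg=audit(1700000010.101:301): cwd="/root"',
    'type=SYSCALL msg=audit(1700000011.202:302): arch=c000003e syscall=257 '
    'success=yes exit=3 ppid=1000 pid=1001 auid=1000 uid=0 exe="/usr/bin/systemctl"',
]
EBPF_LINES = [
    '{"ts": 1700000010.100, "pid": 1001, "syscall": "execve"}',
    '{"ts": 1700000011.200, "pid": 1001, "syscall": "openat"}',
    '{"ts": 1700000012.000, "pid": 2002, "syscall": "ptrace"}',
    '{"ts": 1700000012.050, "pid": 2002, "syscall": "ptrace"}',
    '{"ts": 1700000012.300, "pid": 2002, "syscall": "execve"}',
]


def parse_audit(lines):
    """Yield (ts, pid, syscall_name) from SYSCALL records; skip other types."""
    for line in lines:
        m = AUDIT_RE.search(line)
        if m:
            nr = int(m.group("nr"))
            name = SYSCALL_NAMES.get(nr, f"nr{nr}")
            yield float(m.group("ts")), int(m.group("pid")), name


def parse_ebpf(lines):
    """Yield (ts, pid, syscall_name) from the constructed JSON-lines stream."""
    for line in lines:
        ev = json.loads(line)
        yield float(ev["ts"]), int(ev["pid"]), ev["syscall"]


def fuse(audit_events, ebpf_events, window=5.0):
    """Align both streams on (pid, time bucket) and build per-bucket features."""
    buckets = defaultdict(lambda: {"audit": [], "kernel": []})
    for ts, pid, name in audit_events:
        buckets[(pid, int(ts // window))]["audit"].append(name)
    for ts, pid, name in ebpf_events:
        buckets[(pid, int(ts // window))]["kernel"].append(name)

    features = {}
    for key, streams in buckets.items():
        kern, aud = streams["kernel"], streams["audit"]
        features[key] = {
            "kernel_calls": len(kern),
            "audit_records": len(aud),
            "ptrace_calls": kern.count("ptrace"),
            # execve seen by the kernel but absent from the audit log: a
            # cross-layer discrepancy that log-only analysis cannot see.
            "unlogged_execve": max(kern.count("execve") - aud.count("execve"), 0),
        }
    return features


def flag(feat):
    """Stand-in for the trained classifier: any cross-layer discrepancy or
    ptrace activity in the window is treated as anomalous."""
    return feat["ptrace_calls"] > 0 or feat["unlogged_execve"] > 0


def run_example():
    """Return the sorted list of pids flagged on the constructed sample."""
    feats = fuse(parse_audit(AUDIT_LINES), parse_ebpf(EBPF_LINES))
    return sorted({pid for (pid, _), f in feats.items() if flag(f)})


if __name__ == "__main__":
    for key, f in fuse(parse_audit(AUDIT_LINES), parse_ebpf(EBPF_LINES)).items():
        print(key, f, "ANOMALY" if flag(f) else "ok")
    print("flagged pids:", run_example())
```

On the sample, pid 1001 produces identical views in both layers and is not flagged, while pid 2002 is flagged only because the kernel stream contributes features (`ptrace_calls`, `unlogged_execve`) that the audit log alone does not carry; an audit-only pipeline would not even see that pid. In a real deployment the `fuse()` output for labelled windows is the training matrix for the ensemble classifier.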

Received on: 08/03/2025, Revised on: 27/05/2025, Accepted on: 05/07/2025, Published on: 03/01/2026

DOI: 10.69888/FTSCL.2026.000598

FMDB Transactions on Sustainable Computer Letters, 2026 Vol. 4 No. 1, Pages: 26–37
