AI-Driven CORE Exploitation Pattern Discovery using Honeypot Data
Cyberattacks are becoming more sophisticated, but most existing detection systems still lack context on attacker behavior and evolving techniques, often leading to delayed responses. My research aims to address this by developing a tailored threat detection model that leverages real-time data from honeypots and simulated environments.
So far, I’ve worked on preprocessing and analyzing the data, and applied clustering methods like DBSCAN to uncover core attack patterns. I’m also exploring the use of Generative AI with Retrieval-Augmented Generation (RAG) to create a system where a fine-tuned language model can retrieve and explain attack patterns from a knowledge base. The overall goal is to move toward a more proactive, intelligent cybersecurity system that can support better decision-making.
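As an added illustration (not the author's code or data), here is a minimal pure-Python DBSCAN run over constructed honeypot session features, where dense clusters stand for recurring attack behaviour and noise points for one-off sessions. The feature set (login attempts, commands run, session duration), the sample rows, and the `eps` and `min_pts` values are assumptions made for this example.

```python
import math

# Constructed honeypot sessions (not real data): (id, login_attempts, commands_run, duration_s)
SESSIONS = [
    ("s1", 40, 0, 12), ("s2", 42, 0, 11), ("s3", 38, 1, 13), ("s4", 41, 0, 12),
    ("s5", 2, 15, 90), ("s6", 1, 14, 95), ("s7", 2, 16, 88), ("s8", 1, 15, 92),
    ("s9", 1, 1, 600), ("s10", 90, 30, 5),
]

def scale(rows):
    """Min-max scale each feature column to [0, 1] so no single unit dominates distance."""
    cols = list(zip(*rows))
    lo = [min(c) for c in cols]
    span = [(max(c) - min(c)) or 1 for c in cols]
    return [[(v - l) / s for v, l, s in zip(r, lo, span)] for r in rows]

def dbscan(points, eps, min_pts):
    """Return one label per point: cluster id >= 0, or -1 for noise."""
    n = len(points)
    neigh = [[j for j in range(n) if math.dist(points[i], points[j]) <= eps] for i in range(n)]
    labels = [None] * n
    cluster = -1
    for i in range(n):
        if labels[i] is not None:
            continue
        if len(neigh[i]) < min_pts:
            labels[i] = -1  # provisional noise; may become a border point later
            continue
        cluster += 1
        labels[i] = cluster
        queue = list(neigh[i])
        while queue:
            j = queue.pop()
            if labels[j] == -1:
                labels[j] = cluster  # noise reachable from a core point is a border point
            if labels[j] is not None:
                continue
            labels[j] = cluster
            if len(neigh[j]) >= min_pts:  # only core points expand the cluster
                queue.extend(neigh[j])
    return labels

def cluster_sessions(sessions=SESSIONS, eps=0.15, min_pts=3):
    """Group session ids by DBSCAN label computed on the scaled feature vectors."""
    labels = dbscan(scale([s[1:] for s in sessions]), eps, min_pts)
    groups = {}
    for (sid, *_), lab in zip(sessions, labels):
        groups.setdefault(lab, []).append(sid)
    return groups
```

On the sample rows, the high-login-attempt sessions and the command-heavy sessions form two separate clusters, while the two atypical sessions are left as noise (label `-1`) for manual review.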