Towards the fusion of heterogeneous information into security operations centres

Sara Pelinku
USMB and UoA

research areas

Computer science, cyber security, heterogeneous data, data visualisation, artificial intelligence, machine learning

project brief

Modern Security Operations Centers (SOCs) are critically hindered by the syntactic diversity of heterogeneous log data. Traditional, brittle parsers fail on novel formats, creating crucial visibility gaps for security analytics. This thesis confronts this challenge by proposing a two-stage deep learning framework. The primary contribution is a novel system leveraging a Large Language Model (LLM) for zero-shot log parsing. This component is designed to interpret and structure logs from unknown sources without format-specific training, transforming previously opaque data into high-fidelity intelligence.
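The visibility gap described above is easy to reproduce. The following is an added illustration, not code from the thesis or its framework: a conventional rule-based parser with two hand-written formats (an sshd syslog line and an Apache access line) is run over constructed sample logs that also contain a third, unfamiliar format. The unknown line is silently dropped, and the example adds the check a SOC would want regardless of parsing technology: a parse-coverage metric and a report of indicators that appear only in the unparsed residue. All log lines, hostnames and addresses are constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample input: two formats the parser knows (sshd syslog, Apache
# access log) and one "novel" JSON-style audit line it has no rule for.
SAMPLE_LOGS = [
    'Mar 10 12:00:01 host1 sshd[1234]: Failed password for root from 203.0.113.5 port 4242 ssh2',
    '198.51.100.7 - - [10/Mar/2024:12:00:02 +0000] "GET /login HTTP/1.1" 401 512',
    '{"time":"2024-03-10T12:00:03Z","actor":"alice","action":"iam:CreateAccessKey","src":"192.0.2.9"}',
    'Mar 10 12:00:04 host1 sshd[1234]: Accepted password for alice from 192.0.2.9 port 4243 ssh2',
]

# Fixed-format rules: brittle by design, they only match what they were written for.
SYSLOG_SSHD = re.compile(
    r'^(?P<ts>\w{3} +\d+ [\d:]{8}) (?P<host>\S+) sshd\[\d+\]: (?P<msg>.*)$')
APACHE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \S+$')
IPV4 = re.compile(r'\b(?:\d{1,3}\.){3}\d{1,3}\b')


@dataclass
class Event:
    """Normalised record produced for a recognised line."""
    source: str
    timestamp: str
    src_ip: Optional[str]
    summary: str


def parse_line(line: str) -> Optional[Event]:
    """Return a normalised Event, or None when no rule matches (the blind spot)."""
    m = SYSLOG_SSHD.match(line)
    if m:
        ip = re.search(r'from (\S+)', m['msg'])
        return Event('sshd', m['ts'], ip.group(1) if ip else None, m['msg'])
    m = APACHE.match(line)
    if m:
        return Event('apache', m['ts'], m['src'], f"{m['req']} -> {m['status']}")
    return None


def parse_with_coverage(lines: List[str]) -> Tuple[List[Event], List[str], float]:
    """Parse every line and keep the residue instead of discarding it.

    Coverage (parsed / total) is the metric a SOC should monitor: a sudden drop
    usually means a new log source or a format change, not a quiet network.
    """
    events: List[Event] = []
    unparsed: List[str] = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            unparsed.append(line)
        else:
            events.append(ev)
    coverage = len(events) / len(lines) if lines else 1.0
    return events, unparsed, coverage


def indicators_hidden_in_residue(events: List[Event], unparsed: List[str]) -> dict:
    """Find IPs mentioned in unparsed lines and report whether analytics saw them.

    Addresses present only in the residue are invisible to any detection that
    consumes the structured events; addresses also present in events show how
    the unparsed line would have added context to an already-visible entity.
    """
    seen = {e.src_ip for e in events if e.src_ip}
    residue_ips = {ip for line in unparsed for ip in IPV4.findall(line)}
    return {
        'unseen_by_analytics': sorted(residue_ips - seen),
        'context_lost_for': sorted(residue_ips & seen),
    }


if __name__ == '__main__':
    evs, rest, cov = parse_with_coverage(SAMPLE_LOGS)
    print(f'parsed {len(evs)} / {len(SAMPLE_LOGS)} lines (coverage {cov:.0%})')
    for line in rest:
        print('UNPARSED:', line)
    print(indicators_hidden_in_residue(evs, rest))
```

Run as a script, the parser reports 75% coverage and lists the JSON audit line as unparsed; the residue report shows that 192.0.2.9, the address behind the accepted sshd login, also performed an access-key creation that the structured pipeline never saw. Alerting on the coverage figure (or on any non-empty residue from a previously well-covered source) is the minimum control that turns a silent parsing failure into a visible one.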

The framework’s second stage fuses this structured technical data with contextual weak signals from Open-Source Intelligence (OSINT). This cross-modal approach moves beyond simple anomaly detection to the proactive characterization of novel cyber threats. The methodology involves a quantitative benchmark of the LLM parser against state-of-the-art baselines, followed by a retrospective case study validating the full framework’s ability to generate an operational threat profile mapped to MITRE ATT&CK® tactics.

The expected outcome is a new, adaptive log processing paradigm that provides SOCs with a powerful tool to eliminate blind spots, reduce alert fatigue, and achieve a more proactive security posture by understanding emerging threats with unprecedented context and accuracy.