SentinelSphere: Integrating AI-Powered Real-Time Threat Detection with Cybersecurity Awareness Training

arXiv:2604.06900 | 67.1 | h-index: 8
AI Analysis

This work addresses cybersecurity vulnerabilities for organizations and individuals by combining technical detection with human training, though it appears incremental as it builds on existing methods like DNNs and LLMs.

The paper tackles the dual challenges of cybersecurity skill shortages and human-factor vulnerabilities by introducing SentinelSphere, an AI platform that integrates machine learning-based threat detection with LLM-powered security training. Experimental results show the detection module achieves high accuracy and low false positives on benchmark datasets, while validation workshops confirm the educational components are effective for non-technical users.

The field of cybersecurity is confronted with two interrelated challenges: a worldwide deficit of qualified practitioners and ongoing human-factor weaknesses that account for the bulk of security incidents. To tackle these issues, we present SentinelSphere, a platform driven by artificial intelligence that unifies machine learning-based threat identification with security training powered by a Large Language Model (LLM). The detection module uses an Enhanced Deep Neural Network (DNN) trained on the CIC-IDS2017 and CIC-DDoS2019 benchmark datasets, enriched with novel HTTP-layer feature engineering that captures application-level attack signatures. For the educational component, we deploy a quantised variant of the Phi-4 model (Q4_K_M), fine-tuned for the cybersecurity domain, enabling deployment on commodity hardware requiring only 16 GB of RAM without dedicated GPU resources. Experimental results show that the Enhanced DNN attains high detection accuracy while substantially lowering false positives relative to baseline models, and maintains strong recall across critical attack categories such as DDoS, brute force, and web-based exploits. Validation workshops involving industry professionals and university students confirmed that the Traffic Light visualisation system and conversational AI assistant are both intuitive and effective for users without technical backgrounds. SentinelSphere illustrates that coupling intelligent threat detection with adaptive, LLM-driven security education can meaningfully address both technical and human-factor cybersecurity vulnerabilities within a single, cohesive framework.
