The Science and Information (SAI) Organization

DOI: 10.14569/IJACSA.2025.0160779

AI-Driven Firewall Log Analysis: Enhancing Threat Detection with Deep Learning Techniques

Author 1: Yasmine ABOUDRAR
Author 2: Khalid BOURAGBA
Author 3: Mohamed OUZZIF

International Journal of Advanced Computer Science and Applications (IJACSA), Volume 16 Issue 7, 2025.


Abstract: As cyber-attacks get increasingly sophisticated, cybersecurity threats have surged, with 430 million new malware instances identified in 2023, representing a 36% rise compared to 2020 figures in the United States. Traditional firewall defense mechanisms are increasingly restricted. Even though firewalls are the frontline defense mechanism, their reliance on preconfigured rules and signature-based detection leaves them behind in the identification of carefully crafted, dynamic attacks. Furthermore, they generate enormous volumes of logs and hence add high false positive rates, making manual threat analysis a tedious and time-consuming process. To counter such issues, we propose an AI-fortified SIEM system using deep learning algorithms for intelligent firewall log analysis. This serves to reduce false positives through event pattern extraction and correlation, allowing for more efficient threat detection. By employing deep neural networks such as fully connected, convolutional, and recurrent networks, our system enhances classification accuracy and optimizes threat detection. We utilize actual firewall logs and benchmarking datasets (UNSW-NB15-training and UNSW-NB15-testing) to assess our system, one for training and the other for testing. Our primary objective is to differentiate between true positive and false positive alarms so that security analysts can respond to cyber threats more effectively. The experimental results demonstrate the effectiveness of our approach in improving threat monitoring and IT security. They also confirm that our learning-based models are better than classical machine learning methods and are therefore a realistic and efficient solution to real-world firewall security.

Keywords: AI-driven SIEM; deep learning; firewall log analysis; threat detection; false positives; cybersecurity

Yasmine ABOUDRAR, Khalid BOURAGBA and Mohamed OUZZIF. “AI-Driven Firewall Log Analysis: Enhancing Threat Detection with Deep Learning Techniques”. International Journal of Advanced Computer Science and Applications (IJACSA) 16.7 (2025). http://dx.doi.org/10.14569/IJACSA.2025.0160779

@article{ABOUDRAR2025,
title = {AI-Driven Firewall Log Analysis: Enhancing Threat Detection with Deep Learning Techniques},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2025.0160779},
url = {http://dx.doi.org/10.14569/IJACSA.2025.0160779},
year = {2025},
publisher = {The Science and Information Organization},
volume = {16},
number = {7},
author = {Yasmine ABOUDRAR and Khalid BOURAGBA and Mohamed OUZZIF}
}



Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

The Science and Information (SAI) Organization Limited is a company registered in England and Wales under Company Number 8933205.