Automating Unauthorized Access Attempts Detection and Handling Using Robotic Process Automation

Bibliographic Details
Main Author: AlNaaji, Hani Mahdi Mohammad
Format: Dissertation
Language: English
Published: ProQuest Dissertations & Theses 01-01-2022
Description
Summary: Nowadays, the term "hyperautomation" gets more popular when referring to emerging automation technologies enhanced with artificial intelligence capabilities to automate processes more efficiently than traditional means. One of the core technologies that hyperautomation is based on is Robotic Process Automation (RPA), which refers to the software tools used to configure scripts (robots) to interact with the user interface elements to mimic human users' actions. Despite the many benefits of automation, delivering a successful automated process using traditional solutions is often challenging because it requires complex coding and integration with legacy systems, unlike RPA, which is a lightweight technology that doesn't require altering the underlying architecture. In enterprise systems, one process that increasingly gets automated is security incident response because it usually involves repetitive and time-consuming tasks. This thesis aims to develop a robotic process to automate detecting, handling, and reporting malicious access events. We first assessed the potential of automating this process using RPA to evaluate its suitability and feasibility for automation. Then, because this process includes incident detection using machine learning, we used the automated machine learning (AutoML) library to select the best classification model capable of scoring the access logs. After that, we executed the automation workflow where the robot reads the scored log file to identify malicious access and acts accordingly. To evaluate our work, we measured the execution time of processing several log files (including detection and handling steps). We found that the average time taken by the robot is significantly less than the time needed by human analysts. In addition to that, we presented our methodology to security experts using semi-structured interviews to validate the research qualitatively. They agreed that RPA has the potential to provide successful automation for security processes.
ISBN: 9798368461878