A Severity-Aware Hybrid ML Model for Real- Time Cyber Threat Detection and Alerting

Abstract: The increasing dependence on digital authentication systems has increased the risk of unauthorized access and abnormal behavior. Many traditional security systems use fixed rules, which are not effective in detecting new or hidden cyber attacks. This paper presents a severity-aware hybrid machine learning system for real-time cyber threat detection and alerting based on login behavior. The system uses a Random Forest model along with an Isolation Forest model to identify suspicious login activities. Important features such as login time, location, failed attempts, and behavioral patterns are analyzed. Based on the level of risk, the system classifies threats into Low, Medium, and High severity levels. All detected threats are stored and displayed using an interactive dashboard, helping administrators monitor and respond to security issues effectively.

Keywords: Cybersecurity, Login Behavior Analysis, Anomaly Detection, Machine Learning, Random Forest, Isolation Forest, Severity Classification