TITLE:
Real-Time Cyber Monitoring and Threat Detection System with Hybrid AI Analysis
AUTHORS:
Ashley Audrey Innocent Yanguema, Chunyong Yin
KEYWORDS:
Network Anomaly Detection, Large Language Models (LLMs), Hybrid Artificial Intelligence, Automated Incident Response, Unsupervised Learning, Generative AI for Cybersecurity, Security Operations Center (SOC)
JOURNAL NAME:
Open Access Library Journal, Vol.13 No.1, January 15, 2026
ABSTRACT: Modern Security Operations Centers (SOCs) face the dual challenge of identifying zero-day threats in high-throughput network streams and mitigating analyst alert fatigue. This paper proposes Sentinel AI, a hybrid detection framework orchestrating unsupervised statistical learning with Large Language Model (LLM) reasoning. We introduce a novel dual-engine architecture: a low-latency Isolation Forest model for real-time anomaly filtration (O(n) complexity), and a semantic analysis engine utilizing Google Gemini Pro for context-aware threat interpretation and automated playbook execution. We present a reproducible reference architecture based on FastAPI and WebSocket streaming. Experimental validation on synthetic datasets demonstrating DDoS and data exfiltration patterns reveals that Sentinel AI achieves a 93% F1-score, significantly outperforming traditional signature-based baselines in zero-day scenarios, while reducing the cognitive load on analysts through natural language incident reporting.