SentinelSphere: Integrating AI-Powered Real-Time Threat Detection with Cybersecurity Awareness Training

TL;DR

SentinelSphere is a unified AI-driven cybersecurity platform combining real-time threat detection with adaptive security training using advanced neural networks and large language models.

Contribution

It introduces a novel integrated system that enhances threat detection accuracy and provides accessible security education through innovative AI components.

Findings

Enhanced DNN achieved high detection accuracy with low false positives.

The LLM-based training module is effective on commodity hardware.

User validation confirmed the intuitiveness of visualization and AI assistant.

Abstract

The field of cybersecurity is confronted with two interrelated challenges: a worldwide deficit of qualified practitioners and ongoing human-factor weaknesses that account for the bulk of security incidents. To tackle these issues, we present SentinelSphere, a platform driven by artificial intelligence that unifies machine learning-based threat identification with security training powered by a Large Language Model (LLM). The detection module uses an Enhanced Deep Neural Network (DNN) trained on the CIC-IDS2017 and CIC-DDoS2019 benchmark datasets, enriched with novel HTTP-layer feature engineering that captures application level attack signatures. For the educational component, we deploy a quantised variant of Phi-4 model (Q4_K_M), fine-tuned for the cybersecurity domain, enabling deployment on commodity hardware requiring only 16 GB of RAM without dedicated GPU resources. Experimental results show that the Enhanced DNN attains high detection accuracy while substantially lowering false positives relative to baseline models, and maintains strong recall across critical attack categories such as DDoS, brute force, and web-based exploits. Validation workshops involving industry professionals and university students confirmed that the Traffic Light visualisation system and conversational AI assistant are both intuitive and effective for users without technical backgrounds. SentinelSphere illustrates that coupling intelligent threat detection with adaptive, LLM-driven security education can meaningfully address both technical and human-factor cybersecurity vulnerabilities within a single, cohesive framework.