AI-Driven Log Summarization for Security Operations Centers: A Web-Based Approach Using Gemini API

Authors

  • Raju Katukam, Site Reliability Engineer, Jawaharlal Nehru Technological University Hyderabad.

DOI:

https://doi.org/10.63282/3050-922X.IJERET-V6I3P117

Keywords:

Security Operations Center (SOC), Log Summarization, Generative AI, Gemini API, Node.js, React.js, Cybersecurity

Abstract

In today's cybersecurity landscape, Security Operations Centers (SOCs) face the growing challenge of managing and interpreting vast volumes of unstructured log data generated from diverse sources. Traditional rule-based monitoring approaches are often inefficient and inadequate in handling this scale, leading to delays in threat detection and response. This work presents a scalable, AI-powered log summarization platform that integrates Google’s Gemini 1.5 Flash model within a full-stack web application to automate the extraction of security-relevant insights from log files. Built using React.js, Node.js, and MongoDB, the system enables SOC analysts to upload log files in various formats (.log, .txt, .docx) and receive real-time, human-readable summaries highlighting anomalies such as brute-force attacks, suspicious IP activity, and data exfiltration attempts. The backend handles secure file parsing, AI prompt generation, summarization via Gemini API, and summary storage with associated metadata. Experimental evaluations demonstrate low-latency summarization across file types, with average response times under four seconds, validating the platform’s efficiency and practicality for real-world SOC environments. This solution significantly reduces manual analysis effort, enhances threat visibility, and introduces a flexible, extensible framework for AI-enhanced cybersecurity operations.

Published

2025-09-18

Section

Articles

How to Cite

1. Katukam R. AI-Driven Log Summarization for Security Operations Centers: A Web-Based Approach Using Gemini API. IJERET [Internet]. 2025 Sep. 18 [cited 2025 Oct. 28];6(3):136-45. Available from: https://ijeret.org/index.php/ijeret/article/view/305