Developed Lightweight Endpoint Detection and Response Prototype Using Machine Learning for Efficient Threat Detection and Prioritization

Authors

  • Mary Chiamaka Ekwughaonu Department of Cyber Security, Faculty of Computing, Air Force Institute of Technology, Kaduna, Nigeria
  • Theophilus Aniemeka Enem Department of Cyber Security, Faculty of Computing, Air Force Institute of Technology, Kaduna, Nigeria
  • Freeman Bitrus Bitrus Department of Cyber Security, Faculty of Computing, Air Force Institute of Technology, Kaduna, Nigeria
  • Okoroafor Chinedu David Department of Cyber Security, Faculty of Computing, Air Force Institute of Technology, Kaduna, Nigeria

DOI:

https://doi.org/10.70112/ajcst-2026.15.1.4382

Keywords:

Endpoint Detection, Machine Learning, MITRE ATT&CK, Response

Abstract

The rising frequency of zero-day and advanced persistent threats highlights the need for effective cybersecurity solutions for resource-limited endpoints. This study aimed to develop a lightweight endpoint detection and response (EDR) prototype using machine learning for efficient threat detection and prioritization. The prototype integrated Convolutional Neural Network (CNN) and Random Forest models, with Dockerized Elasticsearch and Kibana for real-time log analysis. Datasets from Windows logs and CICIDS-2018 were used for training and testing. The CNN achieved 91% accuracy on Windows logs, and the Random Forest achieved 97% accuracy on CICIDS-2018 with a 5% false positive rate, while maintaining 15–20% CPU usage and a 50–100 ms response time. The system outperformed traditional EDR tools, offering an efficient, scalable, and resource-friendly solution suitable for both military and enterprise environments.


Published

02-04-2026

How to Cite

Mary Chiamaka Ekwughaonu, Theophilus Aniemeka Enem, Bitrus, F. B., & Okoroafor Chinedu David. (2026). Developed Lightweight Endpoint Detection and Response Prototype Using Machine Learning for Efficient Threat Detection and Prioritization. Asian Journal of Computer Science and Technology, 15(1), 11–19. https://doi.org/10.70112/ajcst-2026.15.1.4382


Section

Research Article
