BIG DATA PROCESSING IN CYBERSECURITY SYSTEMS USING CLOUD TECHNOLOGIES

DOI: 10.31673/2412-4338.2025.048915

Abstract

The article examines current trends in applying big data processing technologies to cybersecurity, with a focus on cloud-based architectures and distributed computing. The rapid growth of telemetry, log streams, and security events has outpaced traditional SIEM platforms, which cannot sustain the ingest and query throughput that real-time threat detection requires. Based on a review of modern solutions, the study highlights the role of frameworks such as Apache Hadoop and Apache Spark in building scalable security analytics platforms that support both batch and streaming workloads. Particular attention is paid to cloud-native SIEM systems, which offer elastic scalability, lower capital expenditure, and the ability to process petabyte-scale data volumes with latency below 100 milliseconds.

The article analyzes the integration of machine learning and anomaly-detection models that automate event correlation, reduce false positives, and improve incident-response efficiency. Key challenges of cloud adoption are addressed, including data confidentiality, regulatory compliance, vendor lock-in risks, and threats specific to cloud-native infrastructures. Practical recommendations include staged deployment of cloud SIEM platforms, optimization of data ingestion pipelines, development of hybrid storage strategies, and the use of SOAR solutions to automate incident handling.
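The windowed anomaly detection and event correlation described above, as an added example that is not part of the article: a single-process Python stand-in for the streaming analytics stage of a cloud SIEM. The sshd-style log lines, the 60-second tumbling window, the z-score threshold and the minimum-failure floor are all constructed assumptions; at scale the same per-window aggregation would run as a Spark Structured Streaming job rather than in one Python loop.

```python
"""Windowed failed-login burst detection with event correlation.

Added example, not code from the article. It stands in, on one process, for
the streaming analytics stage of a cloud SIEM: per-window aggregation, a
baseline-relative anomaly score, a false-positive floor, and a correlation
rule that joins the anomaly with a later success from the same source.
All log lines and thresholds below are constructed assumptions.
"""
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# sshd-style authentication events with ISO-8601 UTC timestamps (assumed format).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<result>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<ip>\S+)$"
)

# Constructed sample: background noise, one 12-attempt burst in the 10:02
# window from 203.0.113.7, then an accepted login from the same address.
_BURST_USERS = ["root", "admin", "test", "oracle", "postgres", "ubuntu",
                "pi", "git", "www", "deploy", "backup", "guest"]
SAMPLE_LOG = "\n".join(
    [
        "2025-03-01T10:00:05Z host1 sshd: Failed password for root from 203.0.113.7",
        "2025-03-01T10:00:09Z host1 sshd: Failed password for admin from 198.51.100.4",
        "2025-03-01T10:00:40Z host1 sshd: Accepted password for alice from 198.51.100.4",
        "2025-03-01T10:01:15Z host2 sshd: Failed password for bob from 192.0.2.9",
        "2025-03-01T10:01:50Z host1 sshd: not a login event, skipped by the parser",
    ]
    + [f"2025-03-01T10:02:{s:02d}Z host1 sshd: Failed password for {u} from 203.0.113.7"
       for s, u in enumerate(_BURST_USERS, start=1)]
    + [
        "2025-03-01T10:03:02Z host1 sshd: Accepted password for admin from 203.0.113.7",
        "2025-03-01T10:03:30Z host2 sshd: Failed password for carol from 192.0.2.9",
    ]
)


def parse(text):
    """Parse log lines into event dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # a real pipeline routes these to a dead-letter topic for review
        ts = datetime.fromisoformat(m["ts"].replace("Z", "+00:00"))
        events.append({"epoch": int(ts.timestamp()), "result": m["result"],
                       "user": m["user"], "ip": m["ip"]})
    return events


def detect(text, window_seconds=60, min_failures=5, z_threshold=3.0):
    """Return alerts for failed-login bursts and bursts followed by a success."""
    failures = defaultdict(int)   # (window, ip) -> failed attempts
    successes = defaultdict(set)  # (window, ip) -> users that logged in
    windows = set()
    for ev in parse(text):
        w = ev["epoch"] // window_seconds  # tumbling window id
        windows.add(w)
        if ev["result"] == "Failed":
            failures[(w, ev["ip"])] += 1
        else:
            successes[(w, ev["ip"])].add(ev["user"])
    windows = sorted(windows)

    alerts = []
    for ip in sorted({ip for (_, ip) in failures}):
        series = [failures[(w, ip)] for w in windows]  # zeros for quiet windows
        for i, w in enumerate(windows):
            count = series[i]
            if count < min_failures:
                continue  # floor: low-volume noise (typos) never reaches the z-score
            baseline = series[:i] + series[i + 1:]  # leave-one-out baseline
            if not baseline:
                z = float("inf")  # single window seen: only the floor applies
            else:
                mu, sigma = mean(baseline), pstdev(baseline)
                if sigma > 0:
                    z = (count - mu) / sigma
                else:
                    z = float("inf") if count > mu else 0.0
            if z < z_threshold:
                continue
            alerts.append({"type": "failed_login_burst", "ip": ip, "window": w,
                           "count": count, "z": round(z, 1)})
            # Correlation: a success from the same source in this or the next
            # window turns two low-information events into one high-severity alert.
            for wn in (w, w + 1):
                users = successes.get((wn, ip))
                if users:
                    alerts.append({"type": "burst_then_success", "ip": ip,
                                   "window": wn, "users": sorted(users)})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The minimum-failure floor is what suppresses the single failed attempt from 198.51.100.4, which a z-score alone would score as anomalous against an all-zero baseline; the correlation step is the part a SOAR playbook would act on, since a burst followed by an accepted login from the same address is the signature of a successful brute-force rather than mere noise.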

Future research directions are outlined, including quantum-safe cryptography for protecting security big data, federated learning for training detection models on distributed confidential datasets, standardized multi-cloud integration interfaces, and edge-analytics mechanisms for pre-processing critical telemetry streams at the network perimeter.

Keywords: big data, cybersecurity, cloud computing, SIEM, distributed systems, Apache Spark, security analytics, real-time processing.

Published

2025-12-29

Section

Articles