XTRACTIS for Cyber Security

Log-based Detection of Cyber Intrusions

Benchmark vs. Logistic Regression, Random Forests, Boosted Trees & Neural Networks

How can an intrusion on a computer network be diagnosed automatically, efficiently and transparently from the connection logs?

Goals & benefits

Identify the characteristics of logs defining a cyber intrusion. Enhance expert knowledge by helping cybersecurity specialists understand the causal relationships between specific log features, their combination, and the existence of an intrusion.

Help IT detect cyberattacks as early as possible and understand the underlying strategy of the attacker in order to consider measures to thwart future attacks.

Avoid a large number of false alarms.

The attacker will always have the advantage if they use the same AI as the defender. This is why an efficient, non-public AI such as XTRACTIS offers a significant advantage in the defense, security and cybersecurity domains.

XTRACTIS RESULTS

We get a Predictive Model that is:

Intelligible.

A Decision System composed of 25 unchained gradual rules using only the 26 variables that XTRACTIS identified as significant (out of 41 Potential Predictors characterizing each log).

Robust.

Excellent Real Performance on External Test Dataset #1. Very good on External Test Dataset #2.

Efficient & Operational.

Runs in real time at up to 70,000 predictions per second (i7, 8 physical cores, 2.5 GHz), offline or online (API).

Use Case 09/2022 (v3.0)

Results by XTRACTIS® GENERATE 12.1.42925 (07/2022)

DOCUMENT CONTENTS

  1. Problem Definition
  2. Xtractis Solution
  3. Top-Model Induction
  4. Explained Predictions for 3 cases
  5. Top-Models Benchmark