Background

The cybersecurity domain faces dual challenges: a global shortage of qualified professionals and persistent human-factor vulnerabilities contributing to the majority of security breaches. Traditional Security Information and Event Management (SIEM) systems generate excessive false positives causing analyst alert fatigue, while conventional awareness programmes demonstrate limited effectiveness in changing user behaviour. Integrated solutions addressing both technical detection and human-centric education are needed.

Methods

We developed SentinelSphere, an AI-driven platform combining machine learning-based threat detection with Large Language Model (LLM)-powered security training. The detection component employs an Enhanced Deep Neural Network trained on the CIC-IDS2017 and CIC-DDoS2019 benchmark datasets. The educational component utilises Microsoft’s Phi-4 model with quantisation techniques to enable deployment on standard hardware. System performance was optimised through Rust-based preprocessing and validated via pilot deployments with 76 stakeholders across professional and educational settings in Greece.

Results

The Enhanced DNN achieved high detection accuracy with significant false positive reduction compared to baseline models, while maintaining strong recall for critical attack categories including DDoS, botnet, and brute force attacks. Rust optimisation delivered substantial speedup in both single-record and batch processing. Stakeholder validation revealed high satisfaction rates, with most participants achieving improved security concept comprehension post-training. The platform identified critical awareness gaps, particularly regarding data protection regulations and multi-factor authentication adoption.

Conclusions

SentinelSphere demonstrates that integrating intelligent threat detection with adaptive, LLM-powered security education can effectively address both technical and human-factor cybersecurity challenges. The resource-efficient design enables deployment in SME environments without enterprise-grade infrastructure, supporting comprehensive cyber resilience approaches within the European Union’s regulatory framework.
Nikolaos D. Tantaroudas
Ilias Karachalios
Andrew McCracken
Open Research Europe
Tantaroudas et al. (Wed,) studied this question.
www.synapsesocial.com/papers/699fe40c95ddcd3a253e8366 — DOI: https://doi.org/10.12688/openreseurope.22957.1