MACHINE LEARNING APPROACH TO ANOMALY DETECTION IN CYBER SECURITY WITH A CASE STUDY OF SPAMMING ATTACK

Enhancing Cybersecurity through Machine Learning: An Exploration of Anomaly Detection

International Journal of Computer Science and Mobile Computing (IJCSMC), 2024

In the contemporary digital environment, cybersecurity is one of the most crucial areas to take care of. The rising sophistication of cyber threats poses a severe risk to individuals and businesses. This research work elaborates on the application of machine learning techniques to improved anomaly detection for cybersecurity. The study detects and attempts to mitigate anomalous activities that indicate possible cyber threats using machine learning algorithms. More concretely, this study consists of a thorough literature review of existing works on cybersecurity and machine learning, delves into a variety of algorithms for anomaly detection, and evaluates their empirical performance.

Study on the effectiveness of anomaly detection for spam filtering

Information Sciences, 2014

Spam has become an important problem for computer security because it is a channel for spreading threats, including computer viruses, worms and phishing. Currently, more than 85% of received emails are spam. Historical approaches to combating these messages, including simple techniques such as sender blacklisting or using email signatures, are no longer completely reliable on their own. Many solutions utilise machine-learning approaches trained with statistical representations of the terms that usually appear in the emails. Nevertheless, these methods require a time-consuming training step with labelled data. Dealing with the limited availability of labelled training instances slows down the progress of filtering systems and offers advantages to spammers. In this paper, we present a study of the effectiveness of anomaly detection applied to spam filtering, which reduces the necessity of labelling spam messages and only employs the representation of one class of emails (i.e., legitimate or spam). This study includes a presentation of the first anomaly based spam filtering system, an enhancement of this system that applies a data reduction algorithm to the labelled dataset to reduce processing time while maintaining detection rates and an analysis of the suitability of choosing legitimate emails or spam as a representation of normality.

Analysis of Various Machine Learning Approach to Detect Anomaly from Network Traffic

International journal of computer science and mobile computing, 2022

Although conventional network security measures have been effective up until now, machine learning techniques are a strong contender in the present network environment due to their flexibility. In this study, we evaluate how well the latter can identify security issues in a corporate network setting. In order to do so, we configure and contrast a number of models to determine which one best meets our demands. In addition, we distribute the computational load and storage to support large quantities of data. Our model-building methods are Random Forest and Naive Bayes.

Machine Learning Applications in Misuse and Anomaly Detection

2020

Machine learning and data mining algorithms play important roles in designing intrusion detection systems. Based on their approaches toward the detection of attacks in a network, intrusion detection systems can be broadly categorized into two types. In the misuse detection systems, an attack in a system is detected whenever the sequence of activities in the network matches with a known attack signature. In the anomaly detection approach, on the other hand, anomalous states in a system are identified based on a significant difference in the state transitions of the system from its normal states. This chapter presents a comprehensive discussion on some of the existing schemes of intrusion detection based on misuse detection, anomaly detection and hybrid detection approaches. Some future directions of research in the design of algorithms for intrusion detection are also identified.

Machine Learning in Network Anomaly Detection: A Survey

IEEE Access, 2021

Anomalies could be threats to the network that have ever/never happened. Detecting and protecting networks against malicious access is always challenging, even though it has been studied for a long time. Due to the evolution of networks in both new technologies and the fast growth of connected devices, network attacks are getting versatile as well. Compared to the traditional detection approaches, machine learning is a novel and flexible method to detect intrusions in the network; it is applicable to any network structure. In this paper, we introduce the challenges of anomaly detection in the traditional network, as well as the next generation network, and review the implementation of machine learning in anomaly detection under different network contexts. The procedure of each machine learning type is explained, as well as the methodology and advantages presented. The comparison of using different machine learning models is also summarised.

Index terms: Machine learning, anomaly detection, network security, software defined network, Internet of Things, cloud network.

Machine learning algorithm for Cyber Security - A Review

International journal of scientific research in computer science, engineering and information technology, 2019

Computer networks are exposed to increasing security threats. With new kinds of attacks appearing regularly, developing flexible and adaptive security-oriented strategies is a severe challenge. In this context, anomaly-based network intrusion detection techniques are a valuable technology to protect target systems and networks against malicious activities. Threats on the internet are posing a higher threat to IDS and the security of data. The primary concept is to utilize auditing programs to extract an extensive set of features that describe each network connection or host session and to apply data mining programs to learn rules that accurately capture the behavior of intrusions and normal activities. Intrusion detection has now become the priority and a crucial task of data security administrators. A device deployed in a network is at risk of numerous attacks and needs to be protected against them. An intrusion detection system is a necessity in today's information security field. It plays a vital role in detecting anomalous traffic in a network and alerts the network administrators to manage such traffic. The work presented in this thesis is an attempt to detect such traffic anomalies in networks by generating and analyzing traffic flow data.

Anomaly Detection Using Generic Machine Learning Approach With a Case Study of Awareness

IJMER

Abstract: Security of computer systems and of information in flow is essential to the acceptance of utilities by every network user. Standalone computers and the internet are now exposed to an increasing number of security threats, with new types of attacks continuously appearing. Developing robust, flexible and adaptive security-oriented approaches to counter this is a severe challenge. In this context, the anomaly-based intrusion detection technique is an advanced, accurate technique to protect data stored at target systems and while flowing in networks against malicious activities. Anomaly detection is an area of information security that has received much attention in recent years. In this paper we elaborate on the latest techniques available in the machine learning approach applied to anomaly detection, which are used to thwart the latest attacks such as cyber-based attacks and malware infections. Finally, a case study is discussed on the latest cyber attacks faced by top web domains and countries in the world, motivated by a traditional security ethic called E-Awareness.

Anomaly Based Intrusion Detection through Efficient Machine Learning Model

IJEER, 2023

Machine learning is commonly utilised to construct an intrusion detection system (IDS) that automatically detects and classifies network intrusions and host-level threats. Malicious assaults change and occur in high numbers, needing a scalable solution. Cyber security researchers may use public malware databases for research and related work. No research has examined machine learning algorithm performance on publicly accessible datasets. Data and physical level security and analysis for data protection have become more important as data volumes grow. IDSs collect and analyse data to identify system or network intrusions for data prevention. The amount, diversity, and speed of network data make data analysis to identify assaults challenging. IDSs use machine learning methods for precise and efficient development of data security mechanisms. This work presented an intrusion detection model using machine learning, which utilised feature extraction, feature selection and feature modelling for an intrusion detection classifier.

Experimental Study of Machine Learning Methods in Anomaly Detection

Informasiya texnologiyaları problemləri, 2022

Recently, the widespread usage of computer networks has led to an increase in network threats and attacks. Existing security systems and devices are insufficient in the detection of intruders' attacks on network infrastructure, and they are considered to be outdated for storing and analyzing large network traffic data in terms of size, speed, and diversity. Detection of anomalies in network traffic data is one of the most important issues in providing network security. In the paper, we investigate the possibility of using machine learning algorithms in the detection of anomalies (DoS attacks) in computer network traffic data on the WEKA software platform. An ensemble model consisting of several unsupervised classification algorithms has been proposed to increase the efficiency of classification algorithms. The effectiveness of the proposed model was studied using the NSL-KDD database. The proposed approach showed a higher accuracy in the detection of anomalies compared to the results shown by the classification algorithms separately.