A Real-time Risk Assessment for Information System with CICIDS2017 Dataset Using Machine Learning
Related papers
Machine learning to identify Potential Cyber Security threats First author --Preeti Jain
isara solutions, 2020
Cyber crime is proliferating everywhere exploiting every kind of vulnerability to computing environment. Ethical Hackers pay more attention towards assessing vulnerabilities and recommending mitigation methodologies. The development of effective techniques has been an urgent demand in the field of the cybersecurity community. Machine Learning for cybersecurity has become an issue of great importance recently due to the effectiveness of machine learning and deep learning in cybersecurity issues. Machine learning techniques have been applied for major challenges in cybersecurity issues like intrusion detection, malware classification and detection, spam detection and phishing detection. Although machine learning cannot automate a complete cybersecurity system, it helps to identify cyber-security threats more efficiently than other software-oriented methodologies, and thus reduces the burden on security analysts. Ever evolving nature of cyber threats throws challenges continuously on the researchers to explore with the ideal combination of deep expertise in cybersecurity and in data science. In this paper, we present the current state of art machine learning applications and their potential for cybersecurity. An analysis of machine learning algorithms for most common types of cybersecurity threats is presented. In a computing context, cybersecurity is going through gigantic movements in innovation and its tasks as of late, and information science is driving the change. Extricating security occurrence examples or experiences from cybersecurity information and building relating information driven model, is the way to make a security framework mechanized and smart. To comprehend and examine the genuine marvels with information, different logical strategies, AI methods, cycles, and frameworks are utilized, which is ordinarily known as information science.
In this paper, we zero in and quickly talk about on cybersecurity information science, where the information is being assembled from important cybersecurity sources, and the investigation supplement the most recent information driven examples for giving more powerful security arrangements. The idea of cybersecurity information science permits making the computing cycle more significant and shrewd when contrasted with conventional ones in the area of cybersecurity. We at that point examine and sum up various related examination issues and future bearings. Moreover, we give an AI based multi-layered structure with the end goal of cybersecurity demonstrating. Generally speaking, our objective isn't just to talk about cybersecurity information science and important techniques yet in addition to center the relevance towards information driven savvy dynamic for shielding the frameworks from digital assaults.
A Machine Learning Approach for Information System Security
IJCSIS, 2018
The security of information system against compromise of its confidentiality, integrity and availability is a great challenge to cyber security experts. The purpose of Intrusion Detection system is to safeguard and secure an information system against the notorious activities of hackers and cyber attacker, the task of keeping information system secured and sustained in a secured state during the period of their usage (lifetime) is the aim of this research work. Naive Bayes, KNN and Decision tree intrusion detection Models were built with a consistency features selection reduced training dataset, the models were evaluated using the testing dataset, from the work. The results of our evaluation on the UNSW-NB15 dataset show that; Decision has the highest overall model classification accuracy of 86.77%, worms attack has the highest attack categories classification accuracy with the three models, Generic attack categories has the highest classification precision of 0.9765 Naive Bayes, 0.91706 KNN and 0.9726 Decision Tree, Analysis attacks has the lowest false alarm rate of 0.0001 on both NB and KNN models and precision of 0.0093 with DOS attacks on Decision tree model. Keywords: Information System, Intrusion Detection System, Confidentiality, Integrity, Availability.
IRJET- Cyber Threats Prediction Using Machine Learning
IRJET, 2021
Cyber Threats damage computer systems and the network with or without user consent; hence prediction of the cyber threats is very crucial in these scenarios. We know that all computers are connected through various networks, so predicting cyber threats will be very helpful to prevent future data loss or disaster. Prediction is one of the approaches from which we can know the output based on the input which is provided. There is an existing approach in which the model is built on certain algorithms and that model is trained with a certain dataset. Based on the model training the model should predict the outcome of the given input. These predictions are done using Machine Learning algorithms; which will help to predict better results from the perspective of cyber threats. We have explored the work done by various researchers on cyber threat predictions and in addition to which we will be presenting our work. For this, we will use different methodologies which will help get better results for the prediction of cyber threats. As a result, it will be very helpful to get prior information about the cyber threats from the past learning experience of the model. And thus, easily prevent data loss from these cyber threats.
Identification of IT Incidents for Improved Risk Analysis by Using Machine Learning
2015 41st Euromicro Conference on Software Engineering and Advanced Applications, 2015
Today almost every system or service, e.g., water, power supply, transportation, etc. is dependent on IT systems, and failure of these systems has serious and negative effects on the society. IT incidents are critical for the society as they can stop the function of critical systems and services. Moreover, in a software engineering context risk analysis is an important activity for the development and operation of safe software-intensive systems. However, the increased complexity and size of software-intensive systems put additional requirements on the effectiveness of the risk analysis process. Therefore, the risk analysis process needs to be improved and it is believed that by having an overview of already occurred IT incidents, the risk analysis process can be improved. The saved information about IT incidents can be used as an input to risk analysis, which can help to correctly estimate the likelihood and consequences of potential risks. This study investigates how difficult is it to find relevant risks from the available sources and the effort required to set up such a system. It also investigates how accurate are the found risks. It presents a prototype solution of a system that automatically identifies information pertaining to IT incidents, from texts available online on Internet news sources, that have happened. In this study 58% of texts that potentially can contain information about IT incidents were correctly identified from an experiment dataset by using the presented method. It is concluded that the identifying texts about IT incidents with automated methods like the one presented in this study is possible, but it requires some effort to set up.
Cyber Threats Prediction Model using Advanced Data Science Approaches
Journal of Computing & Biomedical Informatics
In the era of technology and the widespread use of the internet, internet users' data and personal information are more at risk. Among various cyber-attacks, DDOS is one of the most dangerous cyber-attacks, which uses single or multiple victims for the unavailability of resources on a small and large scale. The amount and intensity of cyber attacks are also increasing gradually with increasing internet usage. So, defensive strategies are also built with time to protect a network and network devices from many breaches and attacks attempted by many cyber terrorists. Instead of traditional defense mechanisms, data science makes it impressive and easy to predict and detect cyber attacks. This study proposed a data science-based prediction model using a substantial dataset CICDDOS2019. In this research, different models of Machine Learning, e.g., Decision Tree, Random Forest, SVM, and Naïve Bayes, are applied after making this dataset clean and considering the best relevant features ...
International journal of innovative research and scientific studies, 2024
This study examines the development of a model for the threat detection system with the use of machine learning and neural network methods. The fast development of Internet technologies has led to the appearance of many digital systems and platforms. However, despite the impressive technological progress, another side also emerged in the spread of a massive number of different cyber threats. Although various ways have been created to detect and prevent them, the threats are also developing and becoming more complex each year. Therefore, new system defense and data protection methods using machine and deep learning approaches have been proposed recently. The methods based on these approaches have proved to be especially effective in the wave of new Artificial Intelligence applications. In this paper, a threat detection system has been designed to disclose different kinds of threats while maintaining the security, confidentiality, and availability of the computer system. The development of machine learning models for detecting DDoS and man-in-the-middle attacks, Structured Query Language (SQL) injections, phishing, and malware was examined. The data scaling, feature selection, feature extraction, and classification steps were also thoroughly described. Naïve Bayes, Logistic Regression, Decision Tree, Random Forest, XGBoost, CatBoost, and Deep Neural Network algorithms were utilized for training the cyber threat detection models. The experimental results evaluated all the models using accuracy, precision, recall, and F1-score metrics. The best models achieved scores in the range of 0.90 to 1.00.
Real-Time Risk Assessment with Network Sensors and Intrusion Detection Systems
2005
This paper considers a real-time risk assessment method for information systems and networks based on observations from network sensors such as intrusion detection systems. The system risk is dynamically evaluated using hidden Markov models, providing a mechanism for handling data from sensors with different trustworthiness in terms of false positives and negatives. The method provides a higher level of abstraction for monitoring network security, suitable for risk management and intrusion response applications.
Statistical Machine Learning Analysis of Cyber Risk Data: Event Case Studies
SSRN Electronic Journal
This work explores the common attributes of different types of cyber risk with a view to better understanding the key attributes that contribute to each type of cyber risk category. In doing so we explore event studies on a range of different market sectors, different countries, different demographics over time and categories of cyber risk event type. To perform this study we explore a modern machine learning clustering method to investigate the attributes of cyber risk and how they can be categorised via a statistical method. We then explore the properties of this statistical classification and interpret its implications for the current taxonomies being developed for cyber risk in areas of risk management. In the process we will interpret and analyse the implications our analysis has on both operational risk modelling of cyber risk data, as well as the implications the findings have for cyber risk insurance products. On a broader level, this analysis informs risk behaviour of both traditional and emerging financial institutions such as financial technology (fintech).
International Journal of Science and Research, 2023
In the introduction section, the study provided a well-developed aim as well as research objectives and research questions associated with the topic. In that case, the rise in cybersecurity issues throughout the world is a problem statement for this study. In the literature review, this study provides several examples of Machine Learning Models that help in the security effectiveness enhancement segment. In that case, Predictive analytics as well as the contribution of different algorithms has been discussed in the Cybersecurity landscape. Different strategies have been implemented to increase the prevention rate against cybersecurity threats in the modern era. In the methodology section, this study used a primary approach where primary data collection has been performed. In that case, the online survey offered all the data and these data were offered by 70 participants as per the asked questions. Quantitative data analysis method performed for data analysis. In the findings and analysis section, the IBM SPSS tool was used for demographic analysis. Similarly, this tool offered a hypothesis test by performing regression analysis and correlation analysis. In the discussion section, all the findings are discussed in which collaborating ML models with predictive analytics enhances cybersecurity measures. In the end, it can be concluded that different applications of predictive analytics improve the security of organisations in the evolving digital era.
Advancing Cybersecurity and Data Networking Through Machine Learning Driven Prediction Model
International Journal of Innovative Research in Computer Science and Technology (IJIRCST), 2025
The increasing reliance on interconnected systems has elevated the importance of robust cybersecurity and efficient data networking. As digital transformation accelerates, emerging cyber threats exploit vulnerabilities in critical infrastructure, emphasizing the need for innovative solutions. This paper investigates the application of machine learning in enhancing cybersecurity and data networking through predictive models. By analyzing empirical data from major network providers, cybersecurity firms, and detailed case studies, this research demonstrates the effectiveness of machine learning in improving threat detection, optimizing network performance, and mitigating risks. Findings reveal that machine learning-driven prediction models enhance security measures by 85%, optimize network efficiency by 30%, and significantly reduce financial losses stemming from cyberattacks. These predictive systems provide early warnings and automate responses, enabling organizations to transition from reactive to proactive security strategies. Furthermore, machine learning algorithms dynamically allocate network resources, reducing latency and increasing bandwidth utilization. The results showcase the transformative potential of machine learning in safeguarding digital ecosystems against evolving threats. As industries become increasingly reliant on data networking, the adoption of machine learning not only fortifies cybersecurity frameworks but also streamlines operational efficiency. Addressing challenges such as integration with legacy systems, high implementation costs, and the need for skilled personnel will be critical to unlocking the full potential of this technology. This research underscores the indispensable role of machine learning in shaping a secure and resilient digital future.