Cyber Threat Attack Level Detection Using Machine Learning
Saved in:
| Published in: | 2025 3rd International Conference on Intelligent Data Communication Technologies and Internet of Things (IDCIoT), pp. 442-449 |
|---|---|
| Main authors: | , |
| Format: | Conference paper |
| Language: | English |
| Published: | IEEE, 05.02.2025 |
| Subjects: | |
| Online access: | Full text |
| Abstract: | This study focuses on creating a machine learning-based system for identifying cyber-attacks in real time using network data, system logs, and attack history. The work presents a thorough methodology that includes data collection, preprocessing, feature selection, model training, and real-time monitoring. The system uses a variety of machine learning techniques to classify attack types, including supervised learning methods such as Random Forest, Support Vector Machines (SVM), and Neural Networks, as well as unsupervised learning methods such as clustering to detect anomalies that indicate potential threats. The model was trained and evaluated on a dataset of 477 items, reaching an accuracy of 83.33%, with 470 entries identified as carrying threats. The study effectively proved the ability to detect numerous attack types, such as SQL injection, cross-site scripting (XSS), and DDoS attacks, as well as accurately classify and prioritize threat levels. Furthermore, the system was successfully deployed in a live environment, providing real-time threat detection, automatic response capabilities, and detailed alerts to security personnel. This research resulted in the creation of an efficient and scalable cyber threat detection framework capable of both detecting existing attacks and discovering novel, previously unknown threats. |
| DOI: | 10.1109/IDCIOT64235.2025.10915055 |