Acta Scientific Computer Sciences

Research Article Volume 3 Issue 7

A Comparative Study of Machine Learning Techniques in Cyberthreat and Cyberattack Detections

Balakrishnan Dasarathy*

University of Maryland Global Campus, Adelphi, USA

*Corresponding Author: Balakrishnan Dasarathy, University of Maryland Global Campus, Adelphi, USA.

Received: May 01, 2021; Published: June 09, 2021

Abstract

  This paper applies leading machine learning (ML) techniques to the detection of cyberthreats and cyberattacks. It begins with a short overview of the techniques applied: three leading supervised learning techniques, Logistic Regression, Neural Network (NN) and Support Vector Machine, and one unsupervised learning technique, anomaly detection based on the Multivariate Gaussian Distribution. The datasets used for training, validation and testing are then described, and potential alternatives to these datasets are discussed. The metrics used to assess the algorithms (precision, recall and accuracy) are then defined, followed by an overview of the bias vs. variance tradeoff that must be managed to get optimal results from the algorithms. The performance of the ML algorithms applied is then described. The performance of the NN algorithm for two-class classification (normal vs. attack) and of anomaly detection using the Multivariate Gaussian Distribution function is encouraging. The results are summarized, and future directions are outlined. A main goal of future research is to improve performance in classifying attacks into their constituent classes, i.e., to develop more accurate signatures or models for attack classes. An in-depth bias vs. variance analysis of the algorithms applied is also a major direction going forward.

Keywords: Intrusion Detection; Machine Learning; Cyberattacks; Cyberthreats; Machine Learning for Cyberthreat and Cyberattack Detection

Citation

Citation: Balakrishnan Dasarathy. “A Comparative Study of Machine Learning Techniques in Cyberthreat and Cyberattack Detections”. Acta Scientific Computer Sciences 3.7 (2021): 29-40.

Copyright

Copyright: © 2021 Balakrishnan Dasarathy. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.