Abstract

Organizations must establish strong security operations to protect their digital assets as cyberattacks become more prevalent and sophisticated. Integrating threat intelligence into security operations is a fundamental strategy for enhancing an organization’s security posture. However, the success of such platforms depends on the precision and dependability of the underlying machine learning classifiers used for analysis. In this paper, we leverage the UNSW-NB15 dataset to propose an integrated threat intelligence platform for security operations in organizations. To determine which machine learning classifier performs best, we run a variety of classifiers on the dataset, including Ensemble Learning, Stochastic Gradient Descent (SGD), Logistic Regression, and Ridge Classifier. Our findings demonstrate that the Ensemble Learning classifier outperforms the other classifiers, with accuracy, precision, recall, and F1 score of 97.02%, 98.34%, 99.02% and 98.17% respectively. This suggests that our proposed system is quite good at detecting potential threats and may offer insightful information for security operations in organizations.
