The development of a model for the threat detection system with the use of machine learning and neural network methods

Abstract

This study examines the development of a model for the threat detection system with the use of machine learning and neural network methods. The fast development of Internet technologies has led to the appearance of many digital systems and platforms. However, despite the impressive technological progress, another side also emerged in the spread of a massive number of different cyber threats. Although various ways have been created to detect and prevent them, the threats are also developing and becoming more complex each year. Therefore, new system defense and data protection methods using machine and deep learning approaches have been proposed recently. The methods based on these approaches have proved to be especially effective in the wave of new Artificial Intelligence applications. In this paper, a threat detection system has been designed to disclose different kinds of threats while maintaining the security, confidentiality, and availability of the computer system. The development of machine learning models for detecting DDoS and man-in-the-middle attacks, Structured Query Language (SQL) injections, phishing, and malware was examined. The data scaling, feature selection, feature extraction, and classification steps were also thoroughly described. Naïve Bayes, Logistic Regression, Decision Tree, Random Forest, XGBoost, CatBoost, and Deep Neural Network algorithms were utilized for training the cyber threat detection models. The experimental results evaluated all the models using accuracy, precision, recall, and F1-score metrics. The best models achieved scores in the range of 0.90 to 1.00.