This work presents an integrated approach to cyber threat detection and prevention using advanced machine learning and deep learning techniques, combined with a real-time monitoring dashboard. The proposed hybrid architecture makes use of the CICIDS2017 dataset, which contains 682,578 rows and 78 columns and covers a wide range of modern attack types. To identify unusual activity, an ensemble of Isolation Forest and Autoencoder models is employed; the Autoencoder reconstructs typical patterns to identify deviations, while the Isolation Forest focuses on outlier detection in benign traffic. With a 74% accuracy rate, this ensemble outperformed individual models. After detection, XGBoost is used to classify detected assaults into many classes, achieving high precision and recall in multiple classes, particularly for DDoS and PortScan types. A CNN-LSTM model, which has a 99% classification accuracy, is trained on sequential network data to anticipate possible attack scenarios for proactive security. The models were included into a cyber threat monitoring dashboard that enables network managers to make decisions, visualize forecasts in real-time. The system’s performance has been evaluated using measures such as F1-score, recall, accuracy, and precision. The outcomes show how well the hybrid ensemble learning technique works to improve cyber threat identification and prevention in current network environments when combined with deep learning and an interactive dashboard.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Cyber Threat Detection and Prevention Using a Hybrid AI-ML Approach

  • Mangalgouri P. Kademani,
  • Yuvaraj P. Rathod,
  • Nisha B. Kubasad,
  • Ramaraddi G. Maraddi,
  • Ashok Chikaraddi

摘要

This work presents an integrated approach to cyber threat detection and prevention using advanced machine learning and deep learning techniques, combined with a real-time monitoring dashboard. The proposed hybrid architecture makes use of the CICIDS2017 dataset, which contains 682,578 rows and 78 columns and covers a wide range of modern attack types. To identify unusual activity, an ensemble of Isolation Forest and Autoencoder models is employed; the Autoencoder reconstructs typical patterns to identify deviations, while the Isolation Forest focuses on outlier detection in benign traffic. With a 74% accuracy rate, this ensemble outperformed individual models. After detection, XGBoost is used to classify detected assaults into many classes, achieving high precision and recall in multiple classes, particularly for DDoS and PortScan types. A CNN-LSTM model, which has a 99% classification accuracy, is trained on sequential network data to anticipate possible attack scenarios for proactive security. The models were included into a cyber threat monitoring dashboard that enables network managers to make decisions, visualize forecasts in real-time. The system’s performance has been evaluated using measures such as F1-score, recall, accuracy, and precision. The outcomes show how well the hybrid ensemble learning technique works to improve cyber threat identification and prevention in current network environments when combined with deep learning and an interactive dashboard.