Effectively Predicting Cyber-Attacks through Isolation Forest Learning-based Outlier Detection

  • Cyber Anomaly
  • Isolation Forest
  • k-Means
  • DBSCAN

Available Online at Security and Privacy Journal - Wiley

Due to the popularity of Internet of Things devices, the exponential progress of computer networks, and a plethora of associated applications, cybersecurity has recently attracted much attention in light of today's security problems. As a result, detecting the various cyber-attacks within a network and developing an effective cyber-attack prediction model, which plays a crucial part in today's defense, have become increasingly critical. Modeling cyber-attacks effectively, on the other hand, is challenging because modern security datasets have a large number of security feature dimensions and may contain outliers. To address this, we provide an approach for categorizing cyber-attacks effectively through isolation forest learning-based outlier detection. Additionally, we apply a variety of popular machine learning approaches to assess the performance of cyber-attack prediction models, including logistic regression, support vector machine, AdaBoost classifier, naive Bayes, and k-nearest neighbor. We evaluated the efficacy of our approach by running tests on three network intrusion datasets (KDD Cup 99, CIC-IDS2017, and UNSW-NB15) and computing the precision, recall, and accuracy. Experiments demonstrate that eliminating outliers improves the prediction accuracy of cyber-attacks for different classifiers. Additionally, we compare the isolation forest learning-based outlier detection model to two other well-known outlier detection techniques, DBSCAN and k-means, and measure the effectiveness of our model.
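The outlier-removal step the abstract describes, as an added example that is not code from the paper: a small pure-Python isolation forest scores each row and the highest-scoring fraction is dropped before any classifier is trained. The function names, the `contamination` cutoff, and the two-feature `(duration_s, bytes)` sample rows are assumptions made for illustration.

```python
import math
import random

def c(n):
    """Average path length of an unsuccessful BST search over n points."""
    if n <= 2:
        return float(max(n - 1, 0))
    return 2.0 * (math.log(n - 1) + 0.5772156649) - 2.0 * (n - 1) / n

def build_tree(rows, depth, limit, rng):
    # Split on a random feature at a random value until isolated or depth-capped.
    if depth >= limit or len(rows) <= 1:
        return ("leaf", len(rows))
    f = rng.randrange(len(rows[0]))
    lo, hi = min(r[f] for r in rows), max(r[f] for r in rows)
    if lo == hi:
        return ("leaf", len(rows))
    split = rng.uniform(lo, hi)
    left = [r for r in rows if r[f] < split]
    right = [r for r in rows if r[f] >= split]
    return ("node", f, split, build_tree(left, depth + 1, limit, rng),
            build_tree(right, depth + 1, limit, rng))

def path_length(row, tree, depth=0):
    if tree[0] == "leaf":
        return depth + c(tree[1])
    _, f, split, left, right = tree
    return path_length(row, left if row[f] < split else right, depth + 1)

def anomaly_scores(rows, n_trees=100, sample_size=256, seed=7):
    """Score in (0, 1]; rows isolated after few splits score closer to 1."""
    rng = random.Random(seed)
    psi = min(sample_size, len(rows))
    limit = math.ceil(math.log2(psi))
    trees = [build_tree(rng.sample(rows, psi), 0, limit, rng) for _ in range(n_trees)]
    return [2 ** (-sum(path_length(r, t) for t in trees) / (n_trees * c(psi)))
            for r in rows]

def drop_outliers(rows, labels, contamination=0.05):
    """Remove the highest-scoring fraction of rows before classifier training."""
    scores = anomaly_scores(rows)
    cutoff = sorted(scores, reverse=True)[max(1, int(len(rows) * contamination)) - 1]
    keep = [i for i, s in enumerate(scores) if s < cutoff]
    return [rows[i] for i in keep], [labels[i] for i in keep]

def constructed_flows(seed=1):
    """Constructed sample: 95 ordinary (duration_s, bytes) rows plus 5 planted outliers."""
    rng = random.Random(seed)
    rows = [(rng.uniform(0.1, 2.0), rng.uniform(200, 1500)) for _ in range(95)]
    rows += [(60.0, 1e6), (150.0, 4e6), (300.0, 9e6), (450.0, 1.5e7), (600.0, 2e7)]
    return rows, ["normal" if i % 2 else "attack" for i in range(100)]
```

The filtered rows and labels returned by `drop_outliers` are what would then be passed to a classifier; the classifier comparison itself is not reproduced here.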


copyright©2024 Moinul Islam all rights reserved