A Study on Cyber-Attack Detection and Classification Using Machine Learning Techniques

Abstract

The growth of Information Technology has seen the rise of Cyber-attacks like never before. It has prompted study on detection of the attacks with faster and more accurate techniques. Machines have been rising as a front-runner, as network traffic across all sectors is increasing and big data needs processing within a short amount of time and ML models are the tool. This study covers a diverse range of network traffic with attacks seen in recent times. A total of three datasets, UNSW-NB15, CICIDS-17 and CICDDoS-2019. In this work, we cover over 20 attack types and 49, 79 and 78 features respectively for the above datasets. The three datasets were modified to create six datasets both signature based multiclass Classification a nomaly based binary-class classification. A t t he p re-processing s tep, f or f eature selection Random Forest Regression method was used. The Machine Learning detection models were built using Logistic Regression, Support Vector Machines, Decision Tree, Random Forest, Artificial Neural Network & k-Nearest Neighbor techniques. The standard metrics of evaluation, accuracy, precision, recall, f1-score and roc are used for insights. The results obtained shows that ML trained show higher detection accuracy when the attack dataset for training is bigger having fewer attack types. Another observation is that Random Forest shows the best performance among all six ML Techniques