A Novel Enhanced Naïve Bayes Posterior Probability (ENBPP) Using Machine Learning: Cyber Threat Analysis

Machine learning techniques based on semantic analysis of behavioural attack patterns have not been successfully implemented in cyber threat intelligence. This is because of the error-prone and time-consuming manual process of deep learning solutions, which is commonly used for searching correlated cyber-attack tactics, techniques and procedures (TTPs) in cyber-attack prediction techniques. The aim of this paper is to improve the prediction accuracy and the processing time of cyber-attack prediction mechanisms by proposing an enhanced Naive Bayes posterior probability (ENBPP) algorithm. The proposed algorithm combines two functions: a modified version of the Naive Bayes posterior probability function and a modified risk assessment function. Combining these two functions enhances the threat prediction accuracy and decreases the processing time. Five different datasets containing 328,814 threat samples were used to obtain the processing time and the prediction accuracy results for the proposed solution. Results show that the proposed solution gives better prediction accuracy and processing time when different examination types and different scenarios are taken into consideration. The proposed solution provides a significant prediction accuracy improvement in threat analysis, from 92% to 96%, and decreases the average processing time from 0.043 to 0.028 s compared with the other method. The proposed solution successfully enhances the overall prediction accuracy and improves the processing time by solving the TTP dependency and prediction-set threshold problems. Thus, the proposed algorithm reaches a more reliable threat prediction solution.
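The abstract describes ENBPP as a modified Naive Bayes posterior probability function paired with a risk assessment function, but does not give the modifications themselves. The following is an added example, not code from the paper, showing the textbook Bernoulli Naive Bayes baseline that such a design builds on: a posterior over threat classes given the presence or absence of observed TTPs, followed by a simple posterior-times-impact risk ranking. The training samples, TTP identifiers and impact weights are all constructed for this example, and the risk function is an assumption of the example rather than the paper's modified function.

```python
"""Bernoulli Naive Bayes posterior over observed TTPs, plus a toy risk ranking.

Added illustration of the baseline behind a Naive-Bayes threat predictor. It is
not the ENBPP algorithm: the paper's modified posterior and risk functions are
not specified in the abstract, so this shows the unmodified textbook form.
"""
from __future__ import annotations

import math
from collections import Counter

# Constructed training data: (threat class, set of observed TTP identifiers).
# The TTP identifiers are placeholders invented for this example, not entries
# from any real catalogue.
TRAINING = [
    ("ransomware", {"T_phish", "T_macro", "T_encrypt", "T_shadowcopy"}),
    ("ransomware", {"T_rdp_brute", "T_encrypt", "T_shadowcopy"}),
    ("ransomware", {"T_phish", "T_encrypt"}),
    ("espionage", {"T_phish", "T_macro", "T_c2_https", "T_exfil_dns"}),
    ("espionage", {"T_c2_https", "T_exfil_dns", "T_credential_dump"}),
    ("espionage", {"T_phish", "T_c2_https"}),
    ("cryptominer", {"T_rdp_brute", "T_miner_drop", "T_c2_https"}),
    ("cryptominer", {"T_exploit_web", "T_miner_drop"}),
]

# Assumed impact weights (0..1) per threat class, used only by the toy risk
# ranking below; these are not values from the paper.
IMPACT = {"ransomware": 0.9, "espionage": 0.8, "cryptominer": 0.3}


class BernoulliNB:
    """Textbook Bernoulli Naive Bayes over presence/absence of TTPs."""

    def __init__(self, alpha: float = 1.0) -> None:
        self.alpha = alpha  # Laplace smoothing so unseen (class, TTP) pairs are not zero
        self.class_counts: Counter[str] = Counter()
        self.ttp_counts: dict[str, Counter[str]] = {}
        self.vocab: set[str] = set()

    def fit(self, samples) -> "BernoulliNB":
        for label, ttps in samples:
            self.class_counts[label] += 1
            self.ttp_counts.setdefault(label, Counter()).update(ttps)
            self.vocab.update(ttps)
        return self

    def _log_likelihood(self, label: str, observed: set[str]) -> float:
        # log P(x | c) = sum over every known TTP of log P(t|c) if present,
        # else log (1 - P(t|c)); absence is evidence too in the Bernoulli model.
        n_c = self.class_counts[label]
        counts = self.ttp_counts[label]
        total = 0.0
        for ttp in self.vocab:
            p = (counts[ttp] + self.alpha) / (n_c + 2 * self.alpha)
            total += math.log(p) if ttp in observed else math.log(1.0 - p)
        return total

    def posterior(self, observed) -> dict[str, float]:
        """Normalised P(c | observed TTPs) for every class, computed in log space."""
        observed = set(observed) & self.vocab  # TTPs never seen in training carry no evidence
        n = sum(self.class_counts.values())
        log_scores = {
            c: math.log(self.class_counts[c] / n) + self._log_likelihood(c, observed)
            for c in self.class_counts
        }
        m = max(log_scores.values())  # log-sum-exp trick avoids underflow
        z = sum(math.exp(v - m) for v in log_scores.values())
        return {c: math.exp(v - m) / z for c, v in log_scores.items()}


def predict(model: BernoulliNB, observed) -> str:
    """Most probable threat class for the observed TTP set."""
    post = model.posterior(observed)
    return max(post, key=post.get)


def rank_risk(posterior: dict[str, float], impact: dict[str, float]) -> list[tuple[str, float]]:
    """Toy risk function (assumption): posterior probability times class impact, highest first."""
    scored = ((c, p * impact.get(c, 0.0)) for c, p in posterior.items())
    return sorted(scored, key=lambda kv: kv[1], reverse=True)


MODEL = BernoulliNB().fit(TRAINING)

if __name__ == "__main__":
    sighting = {"T_phish", "T_encrypt", "T_shadowcopy"}
    post = MODEL.posterior(sighting)
    print("posterior:", {c: round(p, 4) for c, p in post.items()})
    print("predicted:", predict(MODEL, sighting))
    print("risk ranking:", rank_risk(post, IMPACT))
```

Because the Bernoulli model scores absent TTPs as well as present ones, a short sighting with a strongly class-specific technique (here the constructed `T_encrypt`) dominates the posterior, which is the sort of TTP dependency an enhanced posterior function would need to handle differently.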
