Analysis and Comparison of Machine Learning Algorithms for Detecting Zero-Day Threats in Network Systems
Abstract
This research focuses on analyzing and comparing Machine Learning algorithms for detecting Zero-Day threats in network systems. The objectives include: 1) studying the capability of Machine Learning algorithms to detect Zero-Day attacks, 2) analyzing the performance of these algorithms in differentiating and classifying behaviors indicative of Zero-Day attacks, and 3) proposing practical approaches for integrating analytical results into network security systems to counteract Zero-Day threats. Data utilized in this study were collected from Threat Intelligence and actual network defense systems.
The findings reveal that Neural Networks (NN) achieved an accuracy of 95.2% with a False Positive Rate (FPR) of just 2.5%, demonstrating superior performance in learning new data and accurately responding to Zero-Day threats. This capability significantly reduces the burden of handling false alarms and enhances network protection. Random Forest (RF) and Support Vector Machine (SVM) achieved accuracies of 90.5% and 88.7%, respectively, but were less effective than NN in minimizing FPR. Additionally, the use of Anomaly Detection and Ensemble Models further strengthened the ability to detect complex threats and adapt to dynamic environments. The developed system effectively blocks repeated attack IPs and promptly detects anomalous behavior, offering advanced protection against emerging threats that traditional systems cannot address. This research provides practical recommendations for developing network security systems with enhanced precision, flexibility, and resilience to sophisticated and evolving threats. Moreover, it highlights the crucial role of Machine Learning technologies in bolstering cybersecurity, serving as an essential tool for preventing and managing threats in the digital age.