Predictive Threat Intelligence Using Machine Learning

Abstract

The number and sophistication of cyberattacks have dramatically expanded due to the quick development of digital technology, cloud computing, and Internet of Things (IoT) devices. Conventional intrusion detection systems are ineffective against zero-day and dynamic threats since they primarily rely on predetermined signatures and criteria. By examining both previous and current data, predictive threat intelligence (PTI) aims to foresee cyberattacks before they happen. Intelligent methods for extracting hidden patterns from massive network traffic are offered by machine learning (ML). Using the UNSW NB15 dataset, this study suggests a predictive threat intelligence system based on machine learning. A number of supervised learning methods are used and assessed, such as Random Forest, Artificial Neural Networks, Support Vector Machine, Logistic Regression, and EnXGBoost. According to experimental results, EnXGBoost performs the best, achieving an accuracy of 93.5% for multi-class classification and 98.7% for binary classification. In contemporary networks, the suggested approach facilitates real-time deployment, lowers false alarms, and improves proactive security.