Threat Detection in Cyber Security by Machine
Learning
Anil Kumar Sharma Abhishek Suman
Dept. of Information Science Dept. of Information Science Dept. of Information Science
BMS College of Engineering BMS College of Engineering
Bengaluru, India Bengaluru, India
anilsharma.is19@bmsce.ac.in abhisheksuman.is19@bmsce.ac.in abhijeet.is19@bmsce.ac.in
Abstract — In the rapidly evolving field of cybersecurity, the
ability to detect and mitigate potential threats is paramount.
With the increasing amount of data being generated by
networked devices, traditional security methods are no longer
sufficient to keep networks secure. Machine learning models
have the potential to provide a solution by enabling effective
threat detection in real-time. This project proposes the use of a
machine learning model for cyber threat detection. The model
uses a combination of feature engineering architecture to analyze
network traffic data and detect suspicious activity.
INTRODUCTION
A cybersecurity threat is the threat of a malicious attack by an
individual or organization attempting to gain access to a
network, corrupt data, or steal confidential information. No
organization is immune from cyberattacks and data breaches.
Some cyberattacks can even destroy computer systems.
Use AI and ML to detect threats. Machine learning works. It
uses algorithms to process large amounts of ever-changing
data. In cybersecurity, this means we have increasingly
sophisticated tools to detect patterns, predict threats, and
leverage up-to-the-second information. In the rapidly
evolving field of cybersecurity, the ability to detect and
mitigate potential threats is paramount. With the increasing
amount of data being generated by networked devices,
traditional security methods are no longer sufficient to keep
networks secure. Machine learning models have the potential
to provide a solution by enabling effective threat detection in
real-time. This project proposes the use of a machine learning
model for cyber threat detection. The model uses a
combination of feature engineering architecture to analyze
network traffic data and detect suspicious activity.
The objective of a cyber security detection platform is to
provide users with a simulated environment in which they can
buy and sell stocks, learn about the stock market, and practice
investment strategies. This is achieved by offering a variety of
features, such as real-time stock quotes, charts, market news,
educational resources, and contests or competitions. The
ultimate goal is to help users develop their knowledge and
skills in investing, and to provide them with a hands-on
experience that can prepare them for real-world investing.
In addition, virtual stock trading platforms can also serve as a
tool for financial institutions to train employees and
Abhijeet Shukla Prof. Rajeshwari k
Dept. of Information Science
BMS College of Engineering BMS College of Engineering
Bengaluru, India Bengaluru, India
rajeshwarik.ise@bmsce.ac.in
students, and to conduct research and analysis. They can
also be used by traders and individual investors as a way to
test their investment strategies, without the risk of losing
real money.
These platforms have a broad range of uses, including
those for education and entertainment. Virtual stock
trading platforms provide a risk-free opportunity for
people who are new to stock trading to become familiar
with the stock market, grasp how trading works, and create
a trading strategy. Virtual stock trading platforms give
seasoned traders a risk-free way to test out new trading
concepts and tactics. These platforms furthermore give
financial firms and educators a platform to instruct clients
and pupils about stock trading. In general, virtual stock
trading platforms give people a flexible and accessible
instrument to develop their stock trading expertise.
Virtual stock trading platforms expand their potential as a
useful resource for people wanting to advance their stock
trading knowledge and abilities by offering instructional
resources. Users can learn about different facets of stock
trading, like market analysis, risk management, and trading
methods, through these tutorials and resources. Articles,
videos, webinars, and even online courses are examples of
these educational resources. These learning resources are
designed to arm users with the information and expertise
they need to make wise judgements when trading stocks in
the real world.
BACKGROUND
Threat Detection in Cybersecurity using Machine Learning
With the rapid growth of digital systems and networks, the
threat landscape in cyberspace has become increasingly
complex and challenging to mitigate. Traditional security
approaches that rely on rule-based systems and signature-based
detection methods are struggling to keep pace with the
ever-evolving nature of cyber threats. As a result, there is a
growing need for more advanced and adaptive techniques to
detect and mitigate these threats effectively.
Machine learning (ML) has emerged as a powerful tool in the
field of cybersecurity due to its ability to analyze vast amounts
of data and identify patterns that indicate malicious activities.
By leveraging ML algorithms, security systems can learn from
historical data, adapt to new threats, and continuously improve
their detection capabilities.

Threat Detection in Cybersecurity using Machine Learning
With the rapid growth of digital systems and networks, the
threat landscape in cyberspace has become increasingly
complex and challenging to mitigate. Traditional security
approaches that rely on rule-based systems and signature-based
detection methods are struggling to keep pace with the
ever-evolving nature of cyber threats. As a result, there is a
growing need for more advanced and adaptive techniques to
detect and mitigate these threats effectively.
Machine learning (ML) has emerged as a powerful tool in the
field of cybersecurity due to its ability to analyze vast amounts
of data and identify patterns that indicate malicious activities.
By leveraging ML algorithms, security systems can learn from
historical data, adapt to new threats, and continuously improve
their detection capabilities.
Cybersecurity is a very important part of all businesses. After
all, if a hacker manages to penetrate their systems, they are
toast! The most difficult component of cybersecurity is
figuring out if the connection requests to the system are
legitimate and if suspicious looking activities like receiving
and sending large amounts of data are coming from
professionals within the company or from cyber threats. This is
very difficult for cybersecurity professionals to detect,
especially in large enterprises where requests are constantly in
the thousands and humans are not always accurate. This is
where machine learning can be of great help to professionals.
A cyber threat detection system based on AI and ML can be
used to monitor all outbound and inbound calls, as well as all
requests to the system, to monitor for suspicious activity.
Versive, for example, is an artificial intelligence provider that
offers cybersecurity software combined with AI.
I. LITERATURE SURVEY
With the rapid increase in Internet traffic, the importance of
cybersecurity is also significantly growing. Areas such as IP
traffic classification, intrusion detection, spam, and malware
require attention. Traditional techniques alone are insufficient
in addressing these cybersecurity challenges, and it is
necessary to adapt to ongoing changes to maintain up-to-date
security measures.
Machine learning has emerged as a valuable tool in the field of
cybersecurity, augmenting traditional rule-based algorithms
and enhancing their efficiency through artificial intelligence
integration. While achieving full automation of analysis and
detection remains an appealing objective, significant
improvements can be made in essential aspects of
cybersecurity. This paper aims to explore the utilization of
diverse machine learning algorithms to tackle prevalent
cybersecurity issues.
A. Use of Machine Learning algorithms for
designing efficient cyber security solutions
The scenario-based insider threat detection focuses on
identifying and mitigating the risks associated with malicious
activities originating from within an organization. These threats
can arise from intentional or unintentional misuse of the
organization's systems, networks, data, and resources.
Detecting insider threats poses a challenge as it involves
individuals who have authorized access and are trusted partners
within the organization.
Current research in insider threat detection primarily revolves
around developing unsupervised behavioral anomaly detection
techniques. The goal is to detect anomalies or abnormal
changes in user behavior over time. However, it is important to
note that anomalous activity does not always indicate malicious
intent and can potentially lead to an insider threat scenario.
In order to improve existing approaches, this paper proposes a
technique for insider threat detection based on classifying user
activities in time series. Initially, a set of one-day features is
computed from the user activity logs. These features capture
relevant information about the activities. Subsequently, a time
series feature vector is generated by analyzing the statistics of
each one-day feature over a specific period of time. The labels
for each time series feature vector, indicating whether they are
malicious or non-malicious, are extracted from the ground truth
data.
To effectively classify the unbalanced insider threat data, which
typically contains only a small number of malicious instances,
a cost-sensitive data adaptation technique is employed. This
technique involves randomly sub-selecting instances from the
non-malicious class. As the classifier, a two-layer deep neural
autoencoder network is utilized and compared against other
commonly used classifiers such as random forest and
multilayer perceptron.
The proposed approach is evaluated using the CMU Insider
Threat Data, the sole publicly available insider threat dataset
comprising web browsing logs, login records, device
connections, file transfers, and email logs, totaling
approximately 14 GB of data. The evaluation demonstrates that
both the deep autoencoder and random forest classifiers
achieve high precision, recall, and f-score when classifying the
time series feature set. Although the multilayer perceptron
exhibits high recall, its precision and f-score are comparatively
lower than the other two classifiers.
v
Fig 1. Architecture of virtual stock trading system.
B.Using Convolutional Neural Networks to
Network Intrusion Detection for Cyber
Threats
Defenders require an efficient network detection
approach that can quickly learn and detect new
network behavioral characteristics to identify
network intrusions. Deep learning techniques,
known for their ability to outperform traditional
approaches in various applications, have shown
promise in this regard.
This study focuses on network intrusion detection
using Convolutional Neural Networks (CNNs) based
on the LeNet-5 architecture to classify network
threats. The experimental results demonstrate a high
prediction accuracy of up to 99.65% for intrusion
detection, based on a dataset of over 10,000 samples,
with an overall accuracy of 97.53%.
Many existing approaches to cyber attack detection
involve cyber threat analysis, aiming to identify
Malicious attackers often attempt to bypass firewalls
and virus detection engines by utilizing legitimate
network protocols such as HTTP, ICMP, and SSL. They
may download malicious applications from users to
remote hosts controlled by command-and-control
servers. Log analysis alone proves challenging in
distinguishing between legitimate and malicious
connections. Additionally, qualitative approaches, such
as information-gathering, help detect traffic anomalies
and differentiate benign from malicious connections in
the presence of unknown threats. However, they
struggle to accurately classify threats in response to
cyberattacks, leading to the problem of false positive
rates when detecting malicious connections using data
flow analysis.
To enhance the classification accuracy in threat
detection and reduce the false positive rate for Network
Intrusion Detection Systems (NIDS), this study
introduces an improved behavior-based classification
learning model using CNNs. The CNN is utilized to
extract enhanced behavioral features and employ
softmax activation to identify the class of threats, using
collected statistical data. The study utilizes network
intrusion information flows from network nodes in the
National Centre for High Performance Computing
(NCHC) and employs clustering analysis to categorize
the behavioral characteristics of different IP addresses
for comparison. Feature vectors are then transformed
into feature matrices, which are treated as input images
for the CNN. This approach accurately categorizes
cyber threats based on the collected behavioral
characteristics derived from network traffic packet
analysis, enabling the defense system to respond
promptly to high-risk threats.
The rest of this article is organized as follows: Section II
reviews previous studies on CNNs, Section III presents
the proposed approach for a network intrusion detection
model with a CNN architecture in an online information
security management system. The experimental results
are discussed in Section VI, and finally, Section V
concludes the paper.
A framework to evaluate the use of Machine Learning and
Natural Language Processing technologies for disease
prediction systems is proposed. A dataset of
disease-symptom information from a reputable UK National
Health Service website was collected and data cleaning,
pre-processing, and NLP techniques to extract symptom
descriptions were performed. The Python 'nltk' library was
used for pre-processing methods such as capitalization, stop
word removal, tokenization, and stemming. The data using
word clouds and clustering algorithms such as k-mean and
Latent Dirichlet Allocation was also evaluated. The goal of
this framework is to demonstrate the potential for using
NLP in disease prediction systems.
The study describes the use of a Multinomial Naive Bayes
(MNB) method for probability classification in a prediction
component. The method involves two steps: first,
calculating the prior probability of each class in the training
dataset, and second, determining the likelihood of a
symptom occurring in a particular class. These calculations
allow the classification of new unseen data.
The study highlights several challenges with current
technologies related to prediction. One issue is the problem
of undetermined prediction, where multiple suggestions are
provided with the same probability scores when there are
only a few symptoms provided. Another issue is the lack of
transparency in the black box
C.Cyber Threat Detection based on
ArtificialNeural Networks using Event Profiles
Detecting cyber threats in an automated and effective
manner is a major challenge in the field of cybersecurity. In
this paper, we propose an artificial intelligence (AI)
technique for cyber threat detection based on artificial
neural networks (ANNs). Our approach involves converting
a large volume of collected security events into individual
event profiles and utilizing deep learning methods for
enhanced cyber threat detection. To accomplish this, we
developed an AI-based Security Information and Event
Management (AI-SIEM) system that leverages event
profiles for data preprocessing and employs various types of
artificial neural networks, including fully connected neural
networks (FCNNs), convolutional neural networks (CNNs),
and long short-term memory networks (LSTMs).

D.Studying machine learning techniques for
intrusion detection systems
This survey paper focuses on providing a comprehensive
review of data mining and machine learning methods
applied in the context of cyber security intrusion
detection. The authors conduct a literature review,
identifying relevant papers based on their citation count
and relevance to emerging methods. For each method,
they provide brief instructional descriptions to give
readers an understanding of the approach. Since data
plays a crucial role in ML and DM approaches, the paper
also describes well-known cyber data sets commonly
used in ML and DM research for cybersecurity. The
complexity of ML and DM algorithms is discussed,
highlighting the challenges associated with their
application in the cybersecurity domain. The paper also
offers recommendations on when to utilize specific
methods based on the characteristics of the problem at
hand. By providing a survey of data mining and machine
learning methods for cyber security intrusion detection,
this paper serves as a valuable resource for researchers
and practitioners in the field. It offers insights into the
different approaches and data sets available, helping
readers navigate the complexities and challenges
associated with applying ML and DM techniques to
enhance cybersecurity.
E.Intrusion Detection in SCADA systems using
Machine Learning Techniques
This paper introduces an intrusion detection module
specifically designed for detecting malicious network
traffic in Supervisory Control and Data Acquisition
(SCADA) systems. Malicious data can disrupt the normal
functioning of SCADA systems and impact their
operations. To address this issue, the paper proposes the
use of an intrusion detection mechanism called One-Class
Support Vector Machine (OCSVM). Unlike other
techniques, OCSVM does not require labeled training
data or prior knowledge of the expected anomalies,
making it suitable for processing SCADA environmental
data and automating SCADA performance monitoring.
The OCSVM module is trained using network traces and
is capable of detecting anomalies in real time within the
SCADA system. It is implemented as part of an Intrusion
Detection System (IDS) developed within the CockpitCI
project. The module communicates with other
components of the system by exchanging Intrusion
Detection Message Exchange Format (IDMEF) messages.
These messages provide information about the incident
source, time of occurrence, and a classification of the
alarm.
By utilizing the OCSVM-based intrusion detection
module, the paper aims to enhance the security of
SCADA systems by detecting and responding to
malicious network traffic promptly. The IDS architecture
developed as part of the CockpitCI project enables
efficient communication and collaboration between
various components involved in the detection and
response process.
The increasing number of cyberattacks has highlighted
the need for improved Intrusion Detection Systems (IDS).
Machine learning techniques (ML) have emerged as
essential tools for early attack classification within IDS.
However, with numerous available algorithms, selecting
the most suitable method can be challenging. To address
this issue, this paper analyzes state-of-the-art intrusion
detection methods, discussing their advantages and
disadvantages. It also provides an overview of different
ML methods, identifying four approaches as the most
suitable for attack classification.
The study evaluates the performance of IDS using several
selected algorithms. The IDS categorizes binary and
multiclass attacks by determining whether the traffic is
benign or malicious. Experimental results demonstrate
that binary classification consistently achieves high
accuracy, ranging from 0.9938 to 0.9977, while multiclass
classification ranges from 0.9294 to 0.9983. Among the
algorithms, multiclass classification with the k-nearest
neighbor algorithm achieves the highest accuracy of
0.9983, while Random Forest achieves the highest score
of 0.9977 in binary classification. These results indicate
that multiclass classification performs better in intrusion
detection by accurately distinguishing between different
types of attacks and enabling a more targeted response.
 II. PROPOSED SYSTEM
Proposing a system for threat detection in cybersecurity
using machine learning involves several components and
considerations. Here's an outline of a potential system
architecture:
Data Collection: Gather a comprehensive dataset
consisting of various cybersecurity-related data sources,
such as network logs, system logs, firewall logs,
intrusion detection system (IDS) alerts, and threat
intelligence feeds. This dataset will serve as the
foundation for training and testing the machine learning
models.
Data Preprocessing: Cleanse and preprocess the collected
data to ensure its quality and compatibility with the
machine learning algorithms. This step may involve data
normalization, handling missing values, removing noise,
and feature engineering to extract relevant information
from the raw data.
Feature Selection/Extraction: Identify the most relevant
features from the preprocessed data that are likely to
have discriminatory power in distinguishing between
normal and malicious activities. This step helps reduce
the dimensionality of the dataset and improve the
efficiency and effectiveness of the machine learning
algorithms.
Model Selection: Choose appropriate machine learning
algorithms for threat detection based on the
characteristics of the problem and the available data.
Commonly used algorithms for cybersecurity threat
detection include anomaly detection techniques (e.g.,
Isolation Forest, One-Class SVM) and supervised
learning algorithms (e.g., Random Forest, Support Vector
Machines).
Model Training: Split the preprocessed dataset into
training and validation sets. Use the training set to train
the selected machine learning models, fine-tuning their
parameters to optimize their performance. Employ
techniques like cross-validation and hyperparameter
tuning to ensure robustness and generalization of the
models.
Model Evaluation: Evaluate the trained models using the
validation set to assess their performance metrics, such as
accuracy, precision, recall, and F1-score. Adjust the
models or experiment with different algorithms as
needed to improve their performance.
Real-Time Monitoring: Deploy the trained model in a
real-time monitoring system that continuously processes
incoming data streams and flags potential threats or
anomalies. This system should be capable of handling
high-volume, high-velocity data to detect and respond to
threats promptly.
Alert Generation and Response: When a potential threat
is detected, generate alerts or notifications to relevant
personnel or security systems. These alerts should
include detailed information about the detected threat and
recommended actions to mitigate or investigate the
incident further.
Continuous Improvement: Continuously update and
retrain the machine learning models to adapt to evolving
threats and changing attack patterns. Regularly
incorporate new data and threat intelligence feeds to
enhance the system's accuracy and effectiveness over
time.
It's important to note that building an effective threat
detection system requires a multidimensional approach
that combines machine learning with other cybersecurity
techniques, such as signature-based detection, behavioral
analysis, and human expertise. Additionally, regular
monitoring, maintenance, and updating of the system are
necessary to ensure its ongoing effectiveness in detecting
emerging threats.
educated decisions, and obtain a deeper grasp of the
complexity of the stock market.
III. METHODOLOGY
The approach used in this research report includes the
development of a threats detection platform using multiple
technologies and frameworks. The necessary libraries, such as
Pandas, Seaborn, and Matplotlib, are imported.The dataset is
loaded from a CSV file using Pandas' read_csv function.Data
cleaning and preprocessing are performed:The "Time"
column is split into "Start time" and "Last time"
columns.Unnecessary columns are dropped from the dataset.
Missing values in the "Attack subcategory" column are filled
with "Not Registered". Duplicated rows are removed from the
dataset.Invalid values for source and destination ports are
filtered out.The values in the "Protocol" and "Attack
category" columns are standardized. Exploratory Data
Analysis (EDA) is conducted:Missing values are visualized
using the missing no library.The number of unique protocols
and attack categories is calculated.Bar charts are created to
show the count and distribution of attack categories.
The code provided generates visualizations such as bar plots,
scatter plots, heatmaps, and violin plots to analyze various
aspects of the dataset. It also calculates statistical measures
like correlation coefficients and performs hypothesis testing
using the t-test.The results and visualizations obtained from
this code can be used to gain insights into the cybersecurity
attacks dataset and understand patterns, trends, and
relationships between different variables.
IV. RESULTS
The results of threat detection in cybersecurity using
machine learning can include improved accuracy in
distinguishing between normal and malicious activities,
early detection of threats, scalability for processing large
volumes of data, adaptability to new threats, reduced
response time, enhanced incident investigation, and
optimized resource allocation. While no system is
foolproof, machine learning can significantly enhance
threat detection capabilities, leading to proactive
mitigation measures and faster response to security
incidents. Continuous monitoring and improvement are
necessary to adapt to evolving threats and maintain
effectiveness over time.
V. CONCLUSION
In conclusion, the application of machine learning algorithms
to cybersecurity has brought significant advances in threat
detection. The ability to analyze vast amounts of data and
identify patterns that could indicate a security breach has
made machine learning a powerful tool for organizations.
However, developing these models is not without its
challenges. One of the biggest challenges is the need for
high-quality, relevant and diverse training datasets. Inaccurate
or biased datasets can lead to false predictions, resulting in
false alarms or missed threats. Another challenge is the need
for machine learning models to be transparent and
explainable. This is important to build trust among
stakeholders and to understand the rationale behind the
model's predictions. Despite these challenges, the potential
benefits of machine learning for threat detection are too great
to ignore. Machine learning can significantly reduce the time
and resources required to detect and respond to threats,
improve the accuracy of threat detection, and help
organizations stay ahead of evolving cyber threats. To fully
realize the potential of machine learning for cybersecurity,
organizations must invest in developing robust and reliable
machine learning models and continuously monitor and
improve these models over time. In conclusion, machine
learning is a promising technology for cybersecurity threat
detection that has already proven its effectiveness in many
real-world applications. The ongoing development and
refinement of machine learning algorithms will likely lead to
even more advanced and powerful threat detection systems in
the future, which will play a critical role in protecting
organizations systems and data from cyber threats.
VI. ACKNOWLEDGEMENTS
We extend our heartfelt gratitude to Dr. B. S. Ragini Narayan,
Dr. P. Dayananda Pai, and Dr. S. Muralidhara for their
unwavering support and the provision of necessary
infrastructure, which played a crucial role in the successful
completion of this Capstone Project Phase-1. Their support
and resources were instrumental in our project's progress and
ultimate success.
Our deepest appreciation goes to Dr. Jayarekha P, the Head of
the Department of Information Science and Engineering,
along with Dr. Nalini M K and Prof. Harini S, the Project
Coordinators, for their constant guidance and support
throughout the project. Their expertise, valuable insights, and
unwavering dedication have significantly contributed to
shaping our research and ensuring its quality.
Special thanks are extended to Prof. Rajeshwari k, our
dedicated guide and Assistant Professor in the Department of
Information Science and Engineering. We are sincerely
grateful for her continuous support, timely guidance, and
mentorship. Her expertise and encouragement have been
invaluable in navigating the challenges of the project and
achieving its objectives.
We would also like to express our gratitude to all the
faculty members of the Department of Information Science
and Engineering for their contributions, including their
insightful views and encouraging ideas. Their support and
collaboration have greatly enriched our project and
fostered a conducive learning environment.
VII. REFERENCES
[1] Soni, S. and Bhushan, B., 2019, July. Use of Machine Learning
algorithms for designing efficient cyber security solutions. In 2019
2nd International Conference on Intelligent Computing,
Instrumentation and Control Technologies (ICICICT) (Vol. 1, pp.
1496-1501). IEEE.
[2] Chen, D., Wawrzynski, P. and Lv, Z., 2021. Cyber security in smart
cities: a review of deep learning-based applications and case studies.
Sustainable Cities and Society, 66, p.102655.
[3] Chattopadhyay, P., Wang, L. and Tan, Y.P., 2018. Scenario-based
insider threat detection from cyber activities. IEEE Transactions on
Computational Social Systems, 5(3), pp.660-675.
[4] Lin, W.H., Lin, H.C., Wang, P., Wu, B.H. and Tsai, J.Y., 2018, April.
Using convolutional neural networks to network intrusion detection
for cyber threats. In 2018 IEEE International Conference on Applied
System Invention (ICASI) (pp.1107-1110). IEEE.
[5] Lee, J., Kim, J., Kim, I. and Han, K., 2019. Cyber threat detection
based on artificial neural networks using event profiles. Ieee Access,
7, pp.165607-165626.
[6] Ganne, A., IoT Threats & Implementation of AI/ML to Address
Emerging Cyber Security Issues in IoT with Cloud Computing.
[7] Dang, Q.V., 2019. Studying machine learning techniques for
intrusion detection systems. In Future Data and Security
Engineering: 6th International Conference, FDSE 2019, Nha Trang
City, Vietnam, November 27–29, 2019, Proceedings 6 (pp.
411-426). Springer International Publishing.
[8] Maglaras, L.A. and Jiang, J., 2014, August. Intrusion detection in
SCADA systems using machine learning techniques. In 2014
Science and Information Conference (pp. 626-631). IEEE.
[9] Bindra, N. and Sood, M., 2019. Detecting DDoS attacks using
machine learning techniques and contemporary intrusion detection
dataset. Automatic Control and Computer Sciences, 53, pp.419-428.
[10] Allard, F., Dubois, R., Gompel, P. and Morel, M., 2011. Tunneling
activities detection using machine learning techniques. Journal of
[11] Ullah, F., Naeem, H., Jabbar, S., Khalid, S., Latif, M.A.,
Al-Turjman, F. and Mostarda, L., 2019. Cyber security threats
detection in the internet of things using a deep learning approach.
IEEE access, 7, pp.124379-124389.
[12] Dalal, K.R. and Rele, M., 2018, October. Cyber Security: Threat
Detection Model based on Machine learning Algorithm. In 2018 3rd
International Conference on Communication and Electronics
Systems (ICCES) (pp. 239-243). IEEE.
[13] Joloudari, J.H., Haderbadi, M., Mashmool, A., GhasemiGol, M.,
Band, S.S. and Mosavi, A., 2020. Early detection of the advanced
persistent threat attack using performance analysis of deep learning.
IEEE Access, 8, pp.186125-186137.
[14] Buczak, A.L. and Guven, E., 2015. A survey of data mining and
machine learning methods for cyber security intrusion detection.
IEEE Communications surveys & tutorials, 18(2), pp.1153-1176.
[15] Liu, Q., Li, P., Zhao, W., Cai, W., Yu, S. and Leung, V.C., 2018. A
survey on security threats and defensive techniques of machine
learning: A data driven view. IEEE access, 6, pp.12103-12117.