Development of Cyber Threat Model in the Royal Thai Air Force Using Machine Learning
Abstract
Current cyber threats have a wide impact on security agencies, so an intrusion detection system is essential. One factor that affects the efficiency of intrusion detection is that the Royal Thai Air Force (RTAF) must have its own cyber threat dataset for training and developing the model. The purposes of this research were therefore to study, collect and analyze cyber threats within the RTAF in order to respond to them, and to develop a cyber threat model using machine learning techniques, evaluating the accuracy of cyber threat detection within the RTAF with RapidMiner Studio across five models: Naïve Bayes, Decision Tree, Random Forest, Gradient Boosted Trees and Support Vector Machines. The researchers used a cyber threat dataset consisting of attacks within the RTAF network, in which the main threats were caused by seven types of malicious software, totaling 38,642 attacks, each containing computer traffic data (traffic log), as the training data for the model. The Naïve Bayes and Random Forest models were chosen to increase efficiency. Both models gave the highest accuracy of 98.01%, and a detailed assessment of the mixed (hybrid) model gave an accuracy of 98.01%, a precision of 96.07%, a recall of 98.17% and a mean (F1 score) of 97.04%.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Article Accepting Policy
The editorial board of Thai-Nichi Institute of Technology is pleased to receive articles from lecturers and experts in the fields of business administration, languages, engineering and technology, written in Thai or English. Academic work submitted for publication must not have been published in any other publication and must not be under consideration by another journal. Those interested in disseminating their work and knowledge can submit their article to the editorial board, which forwards it to the screening committee for consideration for publication in the journal. Only research articles can be published. Interested persons can prepare their articles by reviewing the recommendations for article authors.
Copyright infringement is solely the responsibility of the author(s) of the article. Published articles must be screened and reviewed for quality by qualified experts approved by the editorial board.
The text that appears within each article published in this research journal is the personal opinion of each author and is in no way related to Thai-Nichi Institute of Technology or to other faculty members of the institution. Responsibility for the content and accuracy of each article rests with its author. If there is any mistake, each author is responsible for his/her own article(s).
The editorial board reserves the right not to publish any content, views or comments of articles in the Journal of Thai-Nichi Institute of Technology before receiving written permission from the authorized author(s). The published work is the copyright of the Journal of Thai-Nichi Institute of Technology.