Machine Learning Approach for Classification of Cyber Threats Actors in Web Region
DOI: https://doi.org/10.37802/joti.v6i1.679
Keywords: Threats, Dark Web, Cybersecurity, Attribution, Machine Learning
Abstract
In the interconnected landscape of today's internet, the dark web emerges as a concealed point, covering a myriad of illicit activities that pose substantial cybersecurity risks. This study investigates the attribution of threats within the dark web environment, leveraging a machine learning approach to bridge the gap between technical indicators and linguistic and behavioral insights. Through a comprehensive methodology involving web crawling and data gathering, a dataset encompassing key variables such as attack motivation, method, web part, and threat actor was gathered. Principal Component Analysis was employed for feature selection, followed by the application of Multinomial Naive Bayes (MNB), Support Vector Machine (SVM), Random Forest (RF), and CatBoost algorithms for classification. Performance evaluation metrics including precision, recall, and F1-score were utilized to assess the efficacy of each algorithm. Results indicate a notable prevalence of cybercrimes within the dark web, underscoring the necessity for enhanced cybersecurity strategies tailored to address its unique challenges. Furthermore, the comparative analysis demonstrates varying performance levels among the machine learning algorithms, with Multinomial Naive Bayes exhibiting the highest accuracy. This research contributes to advancing threat attribution techniques in the dark web, ultimately aiming to bolster cybersecurity defenses and mitigate future cyber threats.