Develop Automated Systems that Gather and Analyze Threat Data to Protect Business Systems Automatically from Cyberattacks

Tanvir Rahman, Akash and Md Sultanul Arefin, Sourav and Sanjida Akter, Sarna and Md, Rakibuzzaman (2023) Develop Automated Systems that Gather and Analyze Threat Data to Protect Business Systems Automatically from Cyberattacks. American Journal of Engineering, Mechanics and Architecture, 1 (6). pp. 90-113. ISSN 2993-2637

Text
Develop Automated Systems.pdf
Download (863kB)

Official URL: https://grnjournal.us/index.php/AJEMA/article/view...

Abstract

The explosive growth of inter-connectivity of IoT devices has changed the modern-day world of living as well as the industrial environment, providing increased connectivity and automation. This expansion has brought major cybersecurity weak spots especially in the case of real time IoT networks, where legacy security mechanisms are usually ineffective. This research explores approaches to cyberattack detection through the usage of the RT-IoT2022 dataset, which is a large and free resource that emulates real one’s traffic of the IoT devices. The dataset contains not only benign traffic, but a wide range of cyberattacks: SSH brute-force, Hping based DDoS, Slowloris, ARP poisoning and multiple Nmap scanning variants. Our study uses machine learning to class and identify irregular behavior in network traffic. After intensive data pre-processing including feature selection and feature normalization, trained and assessed several supervised learning models such as Random Forest, XGBoost, Support Vector Machines (SVM) and Logistic Regression. The models were tested using metrics of performance such as accuracy, precision, recall F1-score and Area Under the Curve (AUC). Results show that ensemble-based classifiers perform particularly well on Random Forest and XGBoost in distinguishing between benign and malicious flows because of the ability to capture nonlinear relationships among the 80 bidirectional flow features of the dataset. In addition, the analysis points to the importance of real-time traffic parameters – packet duration, flow directionality and protocol distribution – for efficient intrusion detection. This paper strengthens the expanding body of research on IoT security; it shows how it is possible to use machine learning and rich network flow to increase real-time attack identification in complex IoT environments.

Item Type:	Article
Subjects:	T Technology > TA Engineering (General). Civil engineering (General)
Divisions:	Postgraduate > Master's of Islamic Education
Depositing User:	Journal Editor
Date Deposited:	24 May 2025 06:00
Last Modified:	24 May 2025 06:00
URI:	http://eprints.umsida.ac.id/id/eprint/16112

Actions (login required)

View Item

CORE (COnnecting REpositories)