Network Forensics Analysis of Cyber Attacks on Computer Systems using Machine Learning Techniques

Abstract

With the rapid development of technology, significant progress has been observed regarding the Internet and interconnected devices, increasing the risk of cyberattacks targeting these platforms. These attacks take diverse and sophisticated forms and pose a serious threat to companies, potentially causing substantial financial losses and service disruptions. In response, the pressing need exists to develop robust defense strategies. This research focuses on analyzing attacks on information systems, specifically concentrating on network forensics using machine learning techniques. The initial phase involves executing various attack scenarios in a virtual environment, recording network packets, and extracting relevant features to create a dataset. A classification framework is then created that includes machine learning algorithms such as random forest, support vector machine (SVM), and Naïve Bayes. Comparing the performance of these algorithms on the study’s dataset has revealed the random forest algorithm to achieve the highest accuracy rate at 94.8%, with Naive Bayes having the lowest at 78.9

Keywords

• Machine learning
• cyberthreat
• network forensics
• classification algorithms
• intrusion detection system

References

1. Aamir, M., Rizvi, S. S. H., Hashmani, M. A., Zubair, M., & Usman, J. A. . (2021). Machine Learning Classification of Port Scanning and DDoS Attacks: A Comparative Analysis. Mehran University Research Journal of Engineering and Technology. https://doi.org/10.22581/muet1982.2101.19 google scholar
2. Ahmetoğlu, H., & Daş, R. (2021). Makine Öğrenmesi Yöntemleri Kullanarak Web Uygulama Saldırılarının Tespitinde Genetik Öznitelik Seçimi Yaklaşımı. Türkiye Bilişim Vakfı Bilgisayar Bilimleri ve Mühendisliği Dergisi. https://doi.org/10.54525/tbbmd.1018465 google scholar
3. Akbal, E., Doğan, Ş., Tuncer, T., & Atalay, N. S. (2019). Adli Bilişim Alanında Ağ Analizi. Bitlis Eren Üniversitesi Fen Bilimleri Dergisi. https://doi.org/10.17798/bitlisfen.479303 google scholar
4. AlZubi, A. A., Al-Maitah, M., & Alarifi, A. (2021). Cyber-attack detection in healthcare using cyber-physical system and machine learning techniques. Soft Computing. https://doi.org/10.1007/s00500-021-05926-8 google scholar
5. Ashton, J. J., Young, A., Johnson, M. J., & Beattie, R. M. (2023). Using machine learning to impact on long-term clinical care: principles, challenges, and practicalities. Pediatric Research. https://doi.org/10.1038/s41390-022-02194-6 google scholar
6. Aslan, O., & Yilmaz, A. A. (2021). A New Malware Classification Framework Based on Deep Learning Algorithms. IEEE Access. https://doi.org/10.1109/ACCESS.2021.3089586 google scholar
7. Başlar, Y. (2020). Adli Bilişim Sürecinde Karşılaşılan Sorunlar ve Çözüm Önerileri. Türkiye Barolar Birliği Dergisi, 32(148), 47-76. Retrieved from https://app.trdizin.gov.tr/makale/TXpZeU5EUXpNdz09/adli-bilisim-surecinde-karsilasilan-sorunlar-ve-cozum-onerileri google scholar
8. Bi, Q., Goodman, K. E., Kaminsky, J., & Lessler, J. (2019). What is machine learning? A primer for the epidemiologist. American Journal of Epidemiology. https://doi.org/10.1093/aje/kwz189 google scholar

9. Dina, A. S., & Manivannan, D. (2021). Intrusion detection based on Machine Learning techniques in computer networks. Internet of Things (Netherlands), 16(August). https://doi.org/10.1016/j.iot.2021.100462 google scholar
10. Ferrag, M. A., Maglaras, L., Moschoyiannis, S., & Janicke, H. (2020). Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study. Journal of Information Security and Applications. https://doi.org/10.1016/j.jisa.2019.102419 google scholar
11. Hunt, R. (2012). New developments in network forensics-Tools and techniques. IEEE International Conference on Networks, ICON. https://doi.org/10.1109/ICON.2012.6506587 google scholar
12. İnce, C., İnce, K., Hanbay, D., Üniversitesi, İ., İşlem, B., Başkanlığı, D., . . . Bölümü, M. (2021). Saldırı Tespit Sistemlerinde Sınıflandırma Yöntemlerinin Kıyaslanması. Dergipark.Org.Tr, (1), 1-11. Retrieved from https://dergipark.org.tr/en/pub/bbd/issue/59753/791939 google scholar
13. Karaman, M. S., Turan, M., & Aydin, M. A. (2021). Yapay Sinir Ağı Kullanılarak Anomali Tabanlı Saldırı Tespit Modeli Uygulaması. European Journal of Science and Technology. https://doi.org/10.31590/ejosat.1115825 google scholar
14. Kilincer, I. F., Ertam, F., & Sengur, A. (2022). A comprehensive intrusion detection framework using boosting algorithms. Computers and Electrical Engineering. https://doi.org/10.1016/j.compeleceng.2022.107869 google scholar
15. Krishna Suryadevara, C. (2023). Issue 4 Diabetes Risk Assessment Using Machine Learning: A Comparative Study of Classification Algorithms. International Engineering Journal For Research & Development, 8(4). Retrieved from www.iejrd.com google scholar
16. Li, Y., & Liu, Q. (2021). A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments. Energy Reports. https://doi.org/10.1016/j.egyr.2021.08.126 google scholar
17. Nancy Noella, R. S., & Priyadarshini, J. (2023). Machine learning algorithms for the diagnosis of Alzheimer and Parkinson disease. Journal of Medical Engineering and Technology. https://doi.org/10.1080/03091902.2022.2097326 google scholar
18. Nurdina, A., & Puspita, A. B. I. (2023). Naive Bayes and KNN for Airline Passenger Satisfaction Classification: Comparative Analysis. Journal of Information System Exploration and Research. https://doi.org/10.52465/joiser.v1i2.167 google scholar
19. Özekes, S., & Karakoç, E. N. (2019). Makine Öğrenmesi Yöntemleriyle Anormal Ağ Trafiğinin Tespit Edilmesi. Düzce Üniversitesi Bilim ve Teknoloji Dergisi. https://doi.org/10.29130/dubited.498358 google scholar
20. Pallathadka, H., Wenda, A., Ramirez-As^s, E., Asfs-Löpez, M., Flores-Albornoz, J., & Phasinam, K. (2023). Classification and prediction of student performance data using various machine learning algorithms. Materials Today: Proceedings. https://doi.org/10.1016/j.matpr.2021.07.382 google scholar
21. Qureshi, S., Tunio, S., Akhtar, F., Wajahat, A., Nazir, A., & Ullah, F. (2021). Network Forensics: A Comprehensive Review of Tools and Techniques. International Journal of Advanced Computer Science and Applications. https://doi.org/10.14569/IJACSA.2021.01205103 google scholar
22. Radivilova, T., Kirichenko, L., Ageiev, D., & Bulakh, V. (2019). Classification methods of machine learning to detect DDoS attacks. Proceedings of the 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS 2019. https://doi.org/10.1109/IDAACS.2019.8924406 google scholar
23. Shafiq, M., Tian, Z., Sun, Y., Du, X., & Guizani, M. (2020). Selection of effective machine learning algorithm and Bot-IoT attacks traffic identification for internet of things in smart city. Future Generation Computer Systems. https://doi.org/10.1016/j.future.2020.02.017 google scholar
24. Sharma, N., Sharma, R., & Jindal, N. (2021). Machine Learning and Deep Learning Applications-A Vision. Global Transitions Proceedings. https://doi.org/10.1016/j.gltp.2021.01.004 google scholar
25. Shaukat, K., Luo, S., Chen, S., & Liu, D. (2020). Cyber Threat Detection Using Machine Learning Techniques: A Perfor-mance Evaluation Perspective. 1st Annual International Conference on Cyber Warfare and Security, ICCWS 2020 - Proceedings. https://doi.org/10.1109/ICCWS48432.2020.9292388 google scholar
26. Shaukat, K., Luo, S., Varadharajan, V., Hameed, I. A., & Xu, M. (2020). A Survey on Machine Learning Techniques for Cyber Security in the Last Decade. IEEE Access. https://doi.org/10.1109/ACCESS.2020.3041951 google scholar
27. Wani, A. R., Rana, Q. P., Saxena, U., & Pandey, N. (2019). Analysis and Detection of DDoS Attacks on Cloud Computing Environ-ment using Machine Learning Techniques. Proceedings - 2019 Amity International Conference on Artificial Intelligence, AICAI 2019. https://doi.org/10.1109/AICAI.2019.8701238 google scholar
28. Zhang, X., Chen, J., Zhou, Y., Han, L., & Lin, J. (2019). A Multiple-Layer Representation Learning Model for Network-Based Attack Detection. IEEE Access. https://doi.org/10.1109/ACCESS.2019.2927465 google scholar