Research Article

Network Forensics Analysis of Cyber Attacks on Computer Systems using Machine Learning Techniques

Year 2024, Volume: 8 Issue: 1, 34 - 50, 28.06.2024
https://doi.org/10.26650/acin.1444470

Abstract

With the rapid development of technology, the Internet and interconnected devices have advanced significantly, and the risk of cyberattacks targeting these platforms has grown with them. These attacks take diverse and sophisticated forms and pose a serious threat to companies, potentially causing substantial financial losses and service disruptions. In response, there is a pressing need to develop robust defense strategies. This research focuses on analyzing attacks on information systems, specifically concentrating on network forensics using machine learning techniques. The initial phase involves executing various attack scenarios in a virtual environment, recording network packets, and extracting relevant features to create a dataset. A classification framework is then created that includes machine learning algorithms such as random forest, support vector machine (SVM), and Naïve Bayes. Comparing the performance of these algorithms on the study's dataset shows that the random forest algorithm achieves the highest accuracy rate at 94.8%, with Naïve Bayes having the lowest at 78.9

There are 28 citations in total.

Details

Primary Language English
Subjects Software Engineering (Other)
Journal Section Research Article
Authors

Firdevs Yıldız 0000-0002-6101-9798

Batuhan Gül 0009-0007-1772-5373

Fatih Ertam 0000-0002-9736-8068

Publication Date June 28, 2024
Submission Date February 28, 2024
Acceptance Date May 9, 2024
Published in Issue Year 2024 Volume: 8 Issue: 1

Cite

APA Yıldız, F., Gül, B., & Ertam, F. (2024). Network Forensics Analysis of Cyber Attacks on Computer Systems using Machine Learning Techniques. Acta Infologica, 8(1), 34-50. https://doi.org/10.26650/acin.1444470