machine learning techniques for cyber attack detection

1. CONTENTS
ABSTRACT
INTRODUCTION
PROBLEM DEFINITION AND DESCRIPTION
EXISTING SYSTEM & IT’S DISADVANTAGES
PROPOSED SYSTEM & IT’S ADVANTAGES
MODULES
HARDWARE & HARDWARE REQUIREMENTS
REFERENCES

2. ABSTRACT
The increased usage of cloud services, growing number of users, changes in network
infrastructure.
Arising threats, network security mechanisms, sensors and protection schemes have also to
evolve in order to address the needs and problems of nowadays users.
Computerized fear, which made a lot of issues.
Intrusion Detection Systems (IDS) has been made to keep an essential separation from
advanced attacks.

3. Introduction
 Credit and debit card data stealing is most popular problem in cybercrime.
 The FRoDO introduces a secure off physical unclonable function.
 FRoDO introduces coin element and identity element.
 The main benefit is a simpler, faster, and more secure interaction between the involved
actors/entities.

4. Problem Definition & Description
The increased usage of cloud services, growing number of users, changes in network
infrastructure that connect devices running mobile operating systems, and constantly
evolving network technology cause novel challenges for cyber security that have never
been foreseen before.
As a result, to counter arising threats, network security mechanisms, sensors and
protection schemes have to evolve in order to address the needs and problems of
nowadays users.

5. Problem Definition & Description
Bayesian statistics offers a wide range of flexible models that
might be the key for a deeper understanding of the generative
process at the basis of malicious attacks.
Architecture diagram

6. Existing System
 In our previous work, we have introduced an innovative evolutionary algorithm for
modeling genuine SQL queries generated by web-application.We have extended our
algorithm with Bayes inference in order to incorporate advantages of signature-based
and anomaly-based methods. The proposed approach allows for extracting patterns (in
form of a PCRE regular expression) of a genuine SQL queries that can be easily
incorporated in any rule processing engine (e.g. Snort).
 Moreover, the results showed that combining that kind of attack detector with
character distribution allows for additional effectiveness improvements

7. Disadvantages of Existing System
Downloading and executing each webpage impacts performance and hinders
scalability of dynamic approaches.
URL-based techniques usually suffer from high false positive rates.
Cantina suffers from performance problems due to the time lag involved in
querying the Google search engine. Moreover, Cantina does not work well on
webpages written in languages other than English.
Finally, existing techniques do not account for new mobile threats such as known
fraud phone numbers that attempt to trigger the dialer on the phone.

8. Proposed System
The proposed approach engages a Bayesian inference theory for cyber attacks detection.
For that purpose a directed acyclic network (graph) is built, which is a graphic
representation of the joint probability distribution function over a set of variables.
In such graph each node represents random variable while the edge indicates a
dependant relationship.

9. Advantages of Proposed System
Protection from malicious attacks on your network.
Deletion and/or guaranteeing malicious elements within a preexisting
network.
Prevents users from unauthorized access to the network.
Deny's programs from certain resources that could be infected.
Securing confidential information.

10. Modules
Data Collection:
Collect sufficient data samples and legitimate software samples.
Data Preprocessing:
Data Augmented techniques will be used for better performance.
Train and Test Modeling:
Split the data into train and test data Train will be used for training the model and Test data
to check the performance.
Attack Detection Model:
Based on the model trained algorithm will detect whether the given transaction is
anomalous or not.
1) Normalization of every dataset.
2) Convert that dataset into the testing and training.
3) Form IDS models with the help of using RF, ANN, CNN and SVM algorithms.
4) Evaluate every model’s performances

11. Random Forest
• The Working process can be explained in the below steps and diagram:
• Step-1: Select random K data points from the training set.
• Step-2: Build the decision trees associated with the selected data points (Subsets).
• Step-3: Choose the number N for decision trees that you want to build.
• Step-4: Repeat Step 1 & 2.
• Step-5: For new data points, find the predictions of each decision tree, and assign the new data points to the category that wins the majority votes.

12. SVM
• Support Vector Machine or SVM is one of the most popular Supervised Learning algorithms,
which is used for Classification as well as Regression problems. However, primarily, it is used for
Classification problems in Machine Learning.
• The goal of the SVM algorithm is to create the best line or decision boundary that can
segregate n-dimensional space into classes so that we can easily put the new data point in the
correct category in the future. This best decision boundary is called a hyperplane.
• SVM chooses the extreme points/vectors that help in creating the hyperplane. These extreme
cases are called as support vectors, and hence algorithm is termed as Support Vector Machine.

13. Software Requirements
Operating system : Windows 10
Coding Language : Python
Front-End : Python
Back-End : Django-ORM
Designing : HTML, CSS, JavaScript.
Data Base : MySQL (WAMP Server).

14. Hardware Requirements
System : I3/I5 or More
Hard Disk : 160 GB
RAM : 2 GB

15. Conclusion
At the present time, assessments of help vector machine, ANN, CNN, Random Forest
and significant learning estimations reliant upon current dataset were presented
moderately. Results show that the significant learning estimation performed generally
best results over SVM, ANN, RF and CNN.
We will use port scope attempts just as other attack types with AI and significant
learning computations, Apache Hadoop and shimmer advancements together ward on
this dataset later on.
Every one of these estimation assists us with recognizing the digital assault in network.
It occurs in the manner that when we think about long back a long time there might be
such countless assaults occurred so when these assaults are perceived then the
highlights at which esteems these assaults are going on will be put away in some
datasets.

16. REFERENCES
• RashmiT V. “Predicting the System Failures Using Machine Learning
Algorithms”.International Journal of Advanced Scientific Innovation, vol. 1, no. 1,
Dec. 2020, doi:10.5281/zenodo.4641686.
• Girish L, Rao SKN (2020) “Quantifying sensitivity and performance degradation of
virtual machines using machine learning.”,Journal of Computational and
Theoretical Nanoscience, Volume 17, Numbers 9-10, September/October 2020,
pp.4055-4060(6) https://doi.org/10.1166/jctn.2020.9019
• K. Ibrahimi and M.Ouaddane, “Management of intrusion detection systems
basedkdd99: Analysis with lda and pca,”in Wireless Networks and Mobile
Communications (WINCOM), 2017 International Conference on. IEEE, 2017, pp
• L. Sun, T. Anthony, H. Z. Xia, J. Chen, X. Huang, and Y. Zhang, “Detection and
classification of malicious patterns in network traffic using benford’s law,” in
AsiaPacific Signal and Information Processing Association Annual Summit and
Conference (APSIPA ASC), 2017. IEEE, 2017, pp. 864–872.