Machine learning-based cyber threat detection: an approach to malware detection and security with explainable AI insights
Guardado en:
| 发表在: | Human-Intelligent Systems Integration vol. 6, no. 1 (Dec 2024), p. 61 |
|---|---|
| 出版: |
Springer Nature B.V.
|
| 主题: | |
| 在线阅读: | Citation/Abstract Full Text Full Text - PDF |
| 标签: |
没有标签, 成为第一个标记此记录!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3157769945 | ||
| 003 | UK-CbPIL | ||
| 022 | |a 2524-4876 | ||
| 022 | |a 2524-4884 | ||
| 024 | 7 | |a 10.1007/s42454-024-00055-7 |2 doi | |
| 035 | |a 3157769945 | ||
| 045 | 2 | |b d20241201 |b d20241231 | |
| 245 | 1 | |a Machine learning-based cyber threat detection: an approach to malware detection and security with explainable AI insights | |
| 260 | |b Springer Nature B.V. |c Dec 2024 | ||
| 513 | |a Journal Article | ||
| 520 | 3 | |a The growing prevalence of malware in the digital landscape presents significant risks to the security and integrity of computer networks and devices. Malicious software, designed with harmful intent, can disrupt operations, compromise sensitive data, and undermine critical processes. To counter these ongoing threats, enhanced cyber threat detection systems are essential to identify and mitigate emerging risks proactively. One promising approach to improving cybersecurity involves applying Machine Learning (ML) techniques, which allow systems to detect patterns and make informed predictions. In this paper, we examined the effectiveness of ML in cyber threat detection, focusing on the classification of dangerous and benign entities within digital ecosystems. We tested four ML algorithms: Support Vector Machine (SVM), Decision Tree (DT), K-Nearest Neighbors (KNN), and Random Forest (RF). The dataset, sourced from Kaggle, was carefully pre-processed to ensure accurate malware and benign data classification. We used k-fold cross-validation for splitting the dataset and manually tuned hyper-parameters to refine model performance, reducing bias and variance. Our results revealed distinct performance metrics among the models, with RF emerging as the top performer with an impressive accuracy rate of 100%. To further enhance the interpretability of the RF model’s predictions, we employed Local Interpretable Model-Agnostic Explanations (LIME) and SHapley Additive exPlanations (SHAP) as the Explainable AI (XAI) techniques. These approaches ensure that static_prio, nivcsw, vm_truncate_count, shared_vm, and millisecond are the most significant features for validating and trusting ML-based cybersecurity solutions. The interaction-aware technique, Partial Dependence Plot (PDP), is utilized in LIME to demonstrate the impact of individual features on model predictions. We assessed LIME and SHAP, applying optimization techniques to minimize performance overhead. This research also incorporated opinions from cybersecurity experts and employed the Chi-Squared test to validate the explanations of XAI. These results reinforce the importance of ML in bolstering cybersecurity by enhancing cyber defense systems against malware and other threats. Ultimately, our research aims to strengthen computer network resilience and protect digital assets, ensuring the integrity and security of digital ecosystems amid evolving cyber threats. | |
| 653 | |a Accuracy | ||
| 653 | |a Deep learning | ||
| 653 | |a Classification | ||
| 653 | |a Cybersecurity | ||
| 653 | |a Malware | ||
| 653 | |a Machine learning | ||
| 653 | |a Digital computers | ||
| 653 | |a Research & development--R&D | ||
| 653 | |a Explainable artificial intelligence | ||
| 653 | |a Chi-square test | ||
| 653 | |a Internet of Things | ||
| 653 | |a Learning algorithms | ||
| 653 | |a Decision trees | ||
| 653 | |a Computer program integrity | ||
| 653 | |a Datasets | ||
| 653 | |a Performance measurement | ||
| 653 | |a Support vector machines | ||
| 653 | |a Predictions | ||
| 653 | |a Neural networks | ||
| 653 | |a Algorithms | ||
| 653 | |a Methods | ||
| 653 | |a System effectiveness | ||
| 653 | |a Computer networks | ||
| 653 | |a Ransomware | ||
| 773 | 0 | |t Human-Intelligent Systems Integration |g vol. 6, no. 1 (Dec 2024), p. 61 | |
| 786 | 0 | |d ProQuest |t Advanced Technologies & Aerospace Database | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3157769945/abstract/embedded/6A8EOT78XXH2IG52?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text |u https://www.proquest.com/docview/3157769945/fulltext/embedded/6A8EOT78XXH2IG52?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3157769945/fulltextPDF/embedded/6A8EOT78XXH2IG52?source=fedsrch |