Abstract
Machine learning techniques that are based on semantic analysis of behavioural attack patterns have not been successfully implemented in cyber threat intelligence. This is because of the error-prone and time-consuming manual process of deep learning solutions, which is commonly used for searching correlated cyber-attack tactics, techniques and procedures (TTPs) in cyber-attack prediction techniques. The aim of this paper is to improve the prediction accuracy and the processing time of cyber-attack prediction mechanisms by proposing an enhanced Naïve Bayes posterior probability (ENBPP) algorithm. The proposed algorithm combines two functions: a modified version of the Naïve Bayes posterior probability function and a modified risk assessment function. Combining these two functions enhances the threat prediction accuracy and decreases the processing time. Five different datasets containing 328,814 threat samples were used to obtain the processing time and prediction accuracy results for the proposed solution. Results show that the proposed solution gives better prediction accuracy and processing time when different examination types and different scenarios are taken into consideration. The proposed solution provides a significant prediction accuracy improvement in threat analysis, from 92 to 96%, and decreases the average processing time from 0.043 to 0.028 s compared with the other method. The proposed solution enhances the overall prediction accuracy and improves the processing time by solving the TTPs dependency and the prediction set threshold problems. Thus, the proposed algorithm reaches a more reliable threat prediction solution.
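The abstract describes ENBPP only as the combination of a modified Naïve Bayes posterior probability function with a modified risk assessment function, without giving either formula. The block below is an added example, not the paper's code, that shows the baseline those modifications start from: a plain Bernoulli Naïve Bayes posterior over observed TTP indicators, a prediction-set threshold on that posterior, and a simple posterior-times-impact risk score. The TTP labels, the incident corpus, the impact weights and the threshold value are all constructed assumptions and are not taken from the paper's datasets.

```python
from collections import Counter
from math import exp, log

# Constructed training corpus (an assumption, not the paper's data): each past
# incident is the set of TTP indicators observed in it plus the campaign class
# it was attributed to.
INCIDENTS = [
    ({"phishing", "macro_doc", "lateral_smb", "encrypt_files"}, "ransomware"),
    ({"phishing", "macro_doc", "encrypt_files"}, "ransomware"),
    ({"exploit_public_app", "lateral_smb", "encrypt_files"}, "ransomware"),
    ({"phishing", "keylogger", "cred_dump"}, "credential_theft"),
    ({"cred_dump", "lateral_smb"}, "credential_theft"),
    ({"phishing", "keylogger"}, "credential_theft"),
    ({"exploit_public_app", "webshell", "exfil_dns"}, "espionage"),
    ({"webshell", "cred_dump", "exfil_dns"}, "espionage"),
]

# Constructed impact weights per class, used by the risk function below.
IMPACT = {"ransomware": 0.9, "credential_theft": 0.6, "espionage": 0.8}


class BernoulliNB:
    """Standard Bernoulli Naive Bayes with Laplace smoothing (not ENBPP)."""

    def __init__(self, alpha=1.0):
        self.alpha = alpha  # smoothing so an unseen TTP never zeroes a class

    def fit(self, incidents):
        self.n = len(incidents)
        self.classes = Counter(c for _, c in incidents)          # class counts
        self.vocab = set().union(*(ttps for ttps, _ in incidents))
        self.feat_count = {c: Counter() for c in self.classes}   # per-class TTP counts
        for ttps, c in incidents:
            self.feat_count[c].update(ttps)
        return self

    def _log_joint(self, ttps, c):
        # log P(c) + sum over every TTP of log P(present/absent | c)
        nc = self.classes[c]
        ll = log(nc / self.n)
        for t in self.vocab:
            p = (self.feat_count[c][t] + self.alpha) / (nc + 2 * self.alpha)
            ll += log(p) if t in ttps else log(1 - p)
        return ll

    def posterior(self, ttps):
        """Return P(class | observed TTPs), normalised across classes."""
        ttps = set(ttps) & self.vocab        # unknown TTPs carry no evidence
        logs = {c: self._log_joint(ttps, c) for c in self.classes}
        m = max(logs.values())               # log-sum-exp for numerical safety
        w = {c: exp(v - m) for c, v in logs.items()}
        z = sum(w.values())
        return {c: v / z for c, v in w.items()}


MODEL = BernoulliNB().fit(INCIDENTS)


def predict(observed, threshold=0.5, model=MODEL):
    """Most probable class, or None when no class clears the threshold
    (a simple illustration of a prediction-set threshold, assumed here)."""
    post = model.posterior(observed)
    best = max(post, key=post.get)
    return best if post[best] >= threshold else None


def risk_ranking(observed, model=MODEL, impact=IMPACT):
    """Assumed risk function: posterior weighted by per-class impact,
    sorted so the analyst sees the highest-risk hypothesis first."""
    post = model.posterior(observed)
    scored = {c: post[c] * impact[c] for c in post}
    return sorted(scored.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    seen = {"phishing", "macro_doc"}
    print(MODEL.posterior(seen))
    print(predict(seen), risk_ranking(seen))
```

With the constructed corpus, observing only `phishing` and `macro_doc` already puts about 59% of the posterior mass on `ransomware`, so a 0.5 threshold accepts that prediction while a 0.9 threshold returns no prediction; raising the threshold trades coverage for precision, which is the trade-off the abstract refers to as the prediction set threshold problem.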
Cite this article
Sentuna, A., Alsadoon, A., Prasad, P.W.C. et al. A Novel Enhanced Naïve Bayes Posterior Probability (ENBPP) Using Machine Learning: Cyber Threat Analysis. Neural Process Lett 53, 177–209 (2021). https://doi.org/10.1007/s11063-020-10381-x