
A Novel Enhanced Naïve Bayes Posterior Probability (ENBPP) Using Machine Learning: Cyber Threat Analysis

Published in: Neural Processing Letters

Abstract

Machine learning techniques that are based on semantic analysis of behavioural attack patterns have not been successfully implemented in cyber threat intelligence. This is because of the error-prone and time-consuming manual process of deep learning solutions, which is commonly used for searching correlated cyber-attack tactics, techniques and procedures (TTPs) in cyber-attack prediction techniques. The aim of this paper is to improve the prediction accuracy and the processing time of cyber-attack prediction mechanisms by proposing the enhanced Naïve Bayes posterior probability (ENBPP) algorithm. The proposed algorithm combines two functions: a modified version of the Naïve Bayes posterior probability function and a modified risk assessment function. Combining these two functions enhances the threat prediction accuracy and decreases the processing time. Five different datasets containing 328,814 threat samples were used to obtain the processing time and prediction accuracy results for the proposed solution. Results show that the proposed solution gives better prediction accuracy and processing time when different examination types and different scenarios are taken into consideration. The proposed solution provides a significant prediction accuracy improvement in threat analysis from 92–96% and decreases the average processing time from 0.043 to 0.028 s compared with the other method. The proposed solution successfully enhances the overall prediction accuracy and improves the processing time by solving the TTP dependency and prediction-set threshold problems. Thus, the proposed algorithm reaches a more reliable threat prediction solution.
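The abstract names a Naïve Bayes posterior over TTP evidence as the core of the predictor but, as a preview, gives no formulas. The block below is an added example, not the paper's code: it implements the textbook Bernoulli Naïve Bayes posterior with Laplace smoothing over binary TTP indicator features, and applies a decision threshold that returns "uncertain" when no threat class is confident, which is the kind of prediction-set threshold problem the abstract refers to. The threat class names, the TTP labels, the six training samples and the 0.8 threshold are all constructed for illustration; the paper's modified posterior and its risk assessment function are not reproduced here.

```python
from collections import Counter, defaultdict
from math import exp, log

# Constructed training data: each sample is (set of observed TTP labels, threat class).
# The labels are illustrative names, not identifiers taken from any real catalogue.
TRAINING = [
    ({"spearphishing-attachment", "user-execution", "scripting-interpreter"}, "phishing-campaign"),
    ({"spearphishing-attachment", "user-execution", "ingress-tool-transfer"}, "phishing-campaign"),
    ({"spearphishing-attachment", "scripting-interpreter"}, "phishing-campaign"),
    ({"exploit-public-app", "scripting-interpreter", "ingress-tool-transfer"}, "web-exploitation"),
    ({"exploit-public-app", "web-shell"}, "web-exploitation"),
    ({"exploit-public-app", "web-shell", "ingress-tool-transfer"}, "web-exploitation"),
]


class BernoulliNaiveBayes:
    """Standard Bernoulli Naive Bayes over binary TTP presence features.

    P(c | x) is proportional to P(c) * prod_f P(x_f | c), where each feature f is
    either present (1) or absent (0) in the observed TTP set. Laplace smoothing
    (alpha) keeps unseen feature/class pairs from driving a posterior to zero.
    """

    def __init__(self, alpha=1.0):
        self.alpha = alpha
        self.class_counts = Counter()                 # class -> number of samples
        self.feature_counts = defaultdict(Counter)    # class -> feature -> count
        self.vocab = set()
        self.n = 0

    def fit(self, samples):
        for feats, label in samples:
            self.class_counts[label] += 1
            self.feature_counts[label].update(feats)
            self.vocab |= set(feats)
        self.n = len(samples)
        return self

    def _cond_prob(self, feature, label):
        # Smoothed P(feature present | class); two outcomes, so 2*alpha in the denominator.
        n_c = self.class_counts[label]
        return (self.feature_counts[label][feature] + self.alpha) / (n_c + 2 * self.alpha)

    def posterior(self, feats):
        """Return the normalised posterior P(class | observed TTPs) for every class."""
        log_joint = {}
        for label, n_c in self.class_counts.items():
            ll = log(n_c / self.n)                   # log prior
            for f in self.vocab:
                p = self._cond_prob(f, label)
                ll += log(p) if f in feats else log(1.0 - p)
            log_joint[label] = ll
        # Normalise in log space to avoid underflow on long TTP vocabularies.
        m = max(log_joint.values())
        z = sum(exp(v - m) for v in log_joint.values())
        return {label: exp(v - m) / z for label, v in log_joint.items()}

    def predict(self, feats, threshold=0.8):
        """Return (label, posterior) or (None, posterior) when no class reaches the threshold."""
        post = self.posterior(feats)
        label, p = max(post.items(), key=lambda kv: kv[1])
        return (label if p >= threshold else None), post


MODEL = BernoulliNaiveBayes().fit(TRAINING)


def classify(observed_ttps, threshold=0.8):
    """Convenience wrapper used by the demo and the checks below."""
    return MODEL.predict(set(observed_ttps), threshold)


if __name__ == "__main__":
    for obs in (["spearphishing-attachment", "user-execution"],
                ["scripting-interpreter", "ingress-tool-transfer"]):
        label, post = classify(obs)
        print(obs, "->", label or "uncertain", {k: round(v, 3) for k, v in post.items()})
```

With the constructed data, the phishing-specific pair of TTPs yields a posterior of roughly 0.99 for the phishing class, while the pair of TTPs shared by both classes splits the posterior evenly and falls below the threshold, so the predictor abstains instead of guessing. Any production variant would need calibrated thresholds per class and a vocabulary that also covers TTPs absent from training, which is exactly where the smoothing term matters.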



Author information

Corresponding author: Abeer Alsadoon.


Cite this article

Sentuna, A., Alsadoon, A., Prasad, P.W.C. et al. A Novel Enhanced Naïve Bayes Posterior Probability (ENBPP) Using Machine Learning: Cyber Threat Analysis. Neural Process Lett 53, 177–209 (2021). https://doi.org/10.1007/s11063-020-10381-x
