Cyber-attack Detection and Mitigation Process under Big Data Consideration: Improved Recursive Feature Elimination-based Feature Selection

Cyber-attack Detection and Mitigation Process under Big Data Consideration: Improved Recursive Feature Elimination-based Feature Selection D. Raghunath Kumar Babu Department of Computer Science and Engineering, Vels Institute of Science, Technology and Advanced Studies (VISTAS), Pallavaram, Chennai, Tamil Nadu 600117, India https://orcid.org/0000-0001-8687-6510 A. Packialatha Department of Computer Science and Engineering, Vels Institute of Science, Technology and Advanced Studies (VISTAS), Pallavaram, Chennai, Tamil Nadu 600117, India https://orcid.org/0000-0001-7374-1262

Due to the rapid growth of network technology, huge volume and distinct data sent via networks is expanding constantly. The situation shows how complex and dense cyber attacks and hazards are developing. Due to the rapid advancement in network density, cyber security specialists find it difficult to monitor all network activity. Due to frequent and sophisticated cyber attacks, it is becoming more challenging to detect and identify abnormalities in network events. The use of deep learning provides a variety of tools and strategies for automated cyber-attack detection as well as quick attack-type prediction as well as evaluation. This work introduces a novel cyber-attack detection and mitigation process under the following phases including preprocessing, feature extraction via the Map Reduce framework that handles the big data, feature selection, attack detection and mitigation. The Improved Normalisation process is achieved on the preprocessing phase. The work is examined from a big data perspective; hence Map Reduce framework is utilised for this. As a result, the framework will manage the feature extraction process, where features including statistical features, raw features, improved correlation-based features, and info gain-based features will be extracted. Following feature extraction, the Improved Recursive Feature Elimination procedure is processed that selects the relevant features. The hybrid detection model, which combines Recurrent Neural Networks (RNN) Deep and Belief Networks (DBN) is used to detect the attacks. Once an attack has been detected, the attacker must be mitigated. To accomplish this, an improved BAIT-based mitigation procedure is used. The two datasets used in this work are, namely, Intrusion Detection Systems (IDS) 2018 Intrusion CSVs (CSE-CIC-IDS2018) and UNSW_NB15. Finally, the suggested model and the alternative methods are contrasted using a variety of measures such as accuracy, sensitivity, specificity, precision, FDR, FNR and FPR.
09 20 2024 12 2024 2450079 10.1142/S0219649224500795 10.1142/S0219649224500795 https://www.worldscientific.com/doi/10.1142/S0219649224500795 https://www.worldscientific.com/doi/pdf/10.1142/S0219649224500795 10.1007/s00521-021-05785-2 Wireless Personal Communications Alqahtani AS 1 2021 10.1007/s00500-021-05926-8 10.1109/ACCESS.2019.2936816 10.1109/ACCESS.2020.3028690 10.1109/JSYST.2013.2296197 10.1016/j.compchemeng.2020.106806 10.1109/ACCESS.2021.3051300 IEEE Transactions on Circuits and Systems II: Express Briefs Gao L 1487 67 8 2020 10.1109/PDCAT.2009.82 10.1109/JIOT.2021.3067667 10.1007/s10922-023-09722-7 10.1016/j.comcom.2020.12.003 10.1007/s13369-020-05181-3 10.1007/s40747-021-00396-9 10.1109/TIFS.2018.2854745 10.1109/ACCESS.2020.2989770 10.1016/j.ifacol.2021.04.001 10.35833/MPCE.2019.000216 10.1109/TII.2021.3053304 10.5815/ijmecs.2019.12.05 10.1007/s12652-019-01417-9 10.1109/TITS.2019.2934481 Cybernetics and Systems Raghunath Kumar Babu D 1 2022 10.1016/j.jksuci.2020.10.005 10.1109/JSYST.2019.2943921 10.1109/ACCESS.2020.3009733 10.1016/j.apenergy.2021.118425 10.1109/JIOT.2023.3281273 10.1109/IIH-MSP.2009.145 10.1007/s42154-021-00153-1 10.1016/j.pnucene.2020.103446 10.1109/TII.2019.2891261