
Journal of Computer and Communication Networks


Research Article

Volume 01, 2025

Machine Learning for Cyber Threat Detection Using Historical Vulnerabilities and Security Standards



Received On : 16 November 2024

Revised On : 15 January 2025

Accepted On : 28 February 2025

Published On : 16 March 2025


Pages : 043-051


Abstract

Constantly changing cybersecurity threats make it necessary for organizations to build detection systems that combine supervised learning with standard security data and historical logs. We propose a multi-level machine learning framework that classifies threats by unifying security data from the NVD, CVE, VulDB, CAPEC, ATT&CK and CWE sources. The system pre-processes this data and then applies Decision Trees, Random Forests, Bagging, Boosting and XGBoost to build features that strengthen threat detection performance. We chose ensemble learning to obtain the most reliable predictions in threat assessment. The experimental results show that XGBoost outperforms the other tested models, detecting cyber threats with a 97.2% success rate, which demonstrates its capability to detect password attacks, phishing, SQL injection, ransomware and DDoS events. The system improves continuously through expert feedback, which generates patterns used when ranking vulnerabilities. The proposed system offers real-time tracking together with dynamic threat-detection methods, giving organizations an advanced system for facing emerging cyber threats.

Keywords

Machine Learning, Cybersecurity, Threat Detection, Vulnerability Analysis, Attack Patterns, Anomaly Detection, Intrusion Prevention, Network Security, Data-Driven Security, AI Security.

CRediT Author Statement

The author reviewed the results and approved the final version of the manuscript.

Acknowledgements

The authors would like to thank the reviewers for their helpful comments on the manuscript.

Funding

No funding was received to assist with the preparation of this manuscript.

Ethics Declarations

Conflict of interest

The authors have no conflicts of interest to declare that are relevant to the content of this article.

Availability of Data and Materials

Data sharing is not applicable to this article as no new data were created or analysed in this study.

Author Information

Contributions

All authors contributed equally to the paper, and all authors have read and agreed to the published version of the manuscript.

Corresponding Author



Rights and permissions

Open Access. This article is licensed under a Creative Commons Attribution NoDerivs license, which is a more restrictive license: it allows you to redistribute the material commercially or non-commercially, but the user cannot make any changes whatsoever to the original, i.e. no derivatives of the original work. To view a copy of this license, visit: https://creativecommons.org/licenses/by-nc-nd/4.0/

Cite this Article

Arulmurugan Ramu, “Machine Learning for Cyber Threat Detection Using Historical Vulnerabilities and Security Standards”, Journal of Computer and Communication Networks, pp. 043-051, 16 March 2025, doi: 10.64026/JCCN/2025005.

Copyright

© 2025 Arulmurugan Ramu. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.