Paper 2023/1843

Zero-day vulnerability prevention with recursive feature elimination and ensemble learning

Mike Nkongolo Wa Nkongolo, University of Pretoria
Abstract

This study focuses on spotting and stopping new types of online threats by improving the UGRansome dataset to detect unusual activity in real-time. By blending different machine learning methods, like naïve tree-based ensemble learning and recursive feature elimination (RFE), the research achieves a high accuracy rate of 97%. Naïve Bayes (NB) stands out as the most effective classifier. The suggested setup, combining gradient boosting (GB) and random forest (RF) with NB, effectively identifies and prevents unknown vulnerabilities in computer systems. UGRansome successfully blocks over 100 kilobits per second (kbps) of harmful online traffic by using details pinpointed by the RFE method, specifically uniform resource locators (URLs). This outperforms existing Intrusion Detection System (IDS) datasets. It's particularly good at stopping secure shell attacks, proving the dataset's usefulness in making networks safer. This research marks significant progress in detecting intrusions. The NB model excels in accuracy, precision, and remembering patterns, especially in identifying new threats. Moreover, the suggested naïve tree-based ensemble model shows outstanding accuracy, standing out as the best-performing technique among all models studied. Applying the UGRansome properties-based rule noticeably changes how traffic is sorted, decreasing unknown traffic while increasing unclassified traffic, which requires more investigation.

Note: This manuscript has been submitted to the International Journal of Intelligent Systems, a publication under Hindawi's scholarly journals.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Cryptanalysis techniques, zero-day vulnerabilities, secure shell attacks, properties-based rule, machine learning
Contact author(s)
mike wankongolo @ up ac za
History
2023-12-01: approved
2023-11-30: received
Short URL
https://ia.cr/2023/1843
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1843,
      author = {Mike Nkongolo Wa Nkongolo},
      title = {Zero-day vulnerability prevention with recursive feature elimination and ensemble learning},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1843},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1843}},
      url = {https://eprint.iacr.org/2023/1843}
}