An Approach for Integrating Behavioral Analytics and Machine Learning for Enhanced Cybersecurity
Date
2024
Publisher
Institute of Electrical and Electronics Engineers Inc.
Abstract
Data breaches and cyber threats have evolved into increasingly complex and stealthy forms. Conventional rule-based anomaly detection is ineffective at identifying many contemporary attacks. Hence, User Behavior Analysis is performed on network traffic flow data to comprehend, model, and forecast users' actions. Nevertheless, the diversity of the methods makes them exceedingly complex to understand. Therefore, domain experts use machine learning (ML) to accomplish their goals. This paper proposes an innovative architecture that detects anomalies in network traffic flow by analyzing user behavior. Two different datasets are used, one for two-class and one for four-class classification. Both datasets are pre-processed to handle duplicates and missing values and to apply encoding techniques. Correlation analysis is performed to understand the user's behavior before training the ML models. Four ML algorithms, Logistic Regression (LR), KNN, DT, and RF, are applied to the pre-processed datasets. The Random Forest algorithm outperforms the others, achieving 100% accuracy on two- and four-class classification. The described behavioral modeling approach updates cyber threat detection to match the needs of the modern, ever-changing threat landscape. © 2024 IEEE.
Keywords
Decision tree, encoding, Random forest, traffic flow
Citation
2024 4th Asian Conference on Innovation in Technology, ASIANCON 2024, 2024
