An Ensemble Model for Cyber Attack and Threat Detection in Applications Network Using Random Forest, LightGBM and XGBoost
Abstract
Introduction: In the modern digital age, the increasing sophistication of cyber-attacks and threats jeopardizes the integrity and security of networks, systems, and sensitive data. Traditional methods of cyber threat detection, primarily based on predefined signatures, struggle to identify novel or evolving attacks, leaving organizations vulnerable to breaches. This research proposes a machine learning-based approach to enhance cyber-attack detection by leveraging network traffic analysis. The system uses the Random Forest, XGBoost, and LightGBM algorithms to categorize network behaviors as either benign or harmful by analyzing traffic patterns. By analyzing correlations between multiple network variables, the proposed solution aims to detect cyber threats on web applications in real time, thus improving the accuracy and efficiency of cybersecurity measures. To address the challenge of unavailable network standards in datasets, this paper explores the UNSW-NB15 dataset, which integrates real-world normal network traffic with simulated contemporary attack activities. The paper evaluates the LightGBM, Random Forest, and XGBoost machine learning algorithms for detecting cyber-attacks and threats in applications from real network traffic datasets and compares the performance of all three algorithms, which will help improve digital security.
Objectives: To analyze the effectiveness of the Random Forest, XGBoost, and LightGBM algorithms in identifying various types of attacks, and to enhance the security of digital networks by identifying correlations between network features and attack patterns.
Methods: The model analyzes the network and checks whether the traffic is harmful to the user, using the XGBoost, Random Forest, and LightGBM algorithms for categorization.
Results: The research shows that the accuracies of the Random Forest, XGBoost, and LightGBM algorithms are 0.98096, 0.98045, and 0.98023, respectively.
Conclusions: The Random Forest algorithm outperformed the other models. The model's classification of cyber-attacks such as DoS and Fuzzers gives the best results; this is possible with the help of machine learning algorithms and their combinations.