AI/ML Based Detection of Unknown Compromises on ICT Devices
Abstract
The growing dependence on online communication and the rise in cyberattacks call for more reliable techniques for detecting network anomalies. Although effective against known threats, traditional signature-based detection systems struggle to detect zero-day attacks and cannot analyse encrypted traffic, which today makes up over half of all internet traffic. The machine learning-based method for network anomaly detection presented in this research aims to find malicious activity in both encrypted and unencrypted network traffic. It applies machine learning methods to detect abnormal behaviour that suggests a possible security breach. Several classification methods were investigated and tested on publicly available datasets. The results demonstrate that machine learning techniques, especially anomaly-based detection, can improve detection accuracy and lower false positives even in encrypted network environments.
The proposed model's novelty lies in its integration of tailored feature selection with attack-specific and unified datasets, ensuring a comprehensive approach to identifying network anomalies.
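As an added illustration (not the paper's code, datasets or model), the following Python sketch shows the approach the abstract describes in miniature: flow-metadata features that remain observable under TLS encryption are selected on benign training flows, and an anomaly-based detector then scores unseen flows without any attack samples at training time. All flow records, feature names and thresholds are constructed for the example.

```python
import math
from statistics import mean, pstdev

# Constructed flow records (not from the paper's datasets). Only metadata that
# stays observable when the payload is TLS-encrypted is used: no packet contents.
BENIGN_FLOWS = [
    {"id": "b1", "bytes": 5200, "pkts": 14, "duration": 0.9, "mean_iat": 0.064, "dst_port": 443},
    {"id": "b2", "bytes": 6100, "pkts": 18, "duration": 1.2, "mean_iat": 0.067, "dst_port": 443},
    {"id": "b3", "bytes": 4300, "pkts": 11, "duration": 0.7, "mean_iat": 0.064, "dst_port": 443},
    {"id": "b4", "bytes": 7000, "pkts": 20, "duration": 1.4, "mean_iat": 0.070, "dst_port": 443},
    {"id": "b5", "bytes": 4800, "pkts": 12, "duration": 0.8, "mean_iat": 0.067, "dst_port": 443},
    {"id": "b6", "bytes": 5600, "pkts": 16, "duration": 1.0, "mean_iat": 0.063, "dst_port": 443},
    {"id": "b7", "bytes": 6500, "pkts": 19, "duration": 1.3, "mean_iat": 0.068, "dst_port": 443},
    {"id": "b8", "bytes": 3900, "pkts": 10, "duration": 0.6, "mean_iat": 0.060, "dst_port": 443},
]
TEST_FLOWS = [  # constructed: one ordinary flow, one slow periodic callback, one bulk upload
    {"id": "normal", "bytes": 5000, "pkts": 13, "duration": 0.85, "mean_iat": 0.065, "dst_port": 443},
    {"id": "beacon", "bytes": 380, "pkts": 6, "duration": 30.0, "mean_iat": 5.0, "dst_port": 443},
    {"id": "exfil", "bytes": 950000, "pkts": 900, "duration": 4.0, "mean_iat": 0.0044, "dst_port": 443},
]
CANDIDATE_FEATURES = ["bytes", "pkts", "duration", "mean_iat", "dst_port"]

def select_features(flows, candidates, min_cv=0.01):
    """Tailored feature selection: drop features that are (near-)constant in the
    training data; they carry no signal and would make z-scores blow up."""
    keep = []
    for f in candidates:
        vals = [fl[f] for fl in flows]
        m, s = mean(vals), pstdev(vals)
        if m != 0 and s / abs(m) >= min_cv:  # coefficient of variation
            keep.append(f)
    return keep

def fit(flows, features):
    """Learn per-feature mean and std from benign traffic only (anomaly-based)."""
    return {f: (mean([fl[f] for fl in flows]), pstdev([fl[f] for fl in flows])) for f in features}

def score(model, flow):
    """Root-mean-square z-score of the flow over the selected features."""
    zs = [(flow[f] - m) / s for f, (m, s) in model.items()]
    return math.sqrt(sum(z * z for z in zs) / len(zs))

def detect(model, flows, threshold=3.0):
    """Flag flows whose score exceeds the threshold; returns (id, score) pairs."""
    return [(fl["id"], round(score(model, fl), 2)) for fl in flows if score(model, fl) > threshold]

if __name__ == "__main__":
    feats = select_features(BENIGN_FLOWS, CANDIDATE_FEATURES)
    print("selected:", feats, "alerts:", detect(fit(BENIGN_FLOWS, feats), TEST_FLOWS))
```

The constant `dst_port` column is discarded by the selection step, and the two anomalous flows are flagged on duration, inter-arrival time and volume alone, with no payload inspection.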