| dc.description.abstract | As the astonishing advancement of internet technology and the mainstreaming of remote work modes, cybersecurity has emerged as one of the most urgent and critical issues in today′s society. In this context, the tactics of cyber-attacks are proceeding in increasingly complex ways, particularly with the astonishing growth of ransomware, posing a huge threat to the information security of various businesses and organizations. To effectively confront this challenge, the Intrusion-detection system (IDS) as the cornerstone of cybersecurity, its role is becoming increasingly crucial. However, the current intrusion detection technologies still face some apparent limitations, such as insufficient recognition ability for unknown attacks and difficulty in predicting the occurrence time of attacks.
The goal of this study is to develop a new intrusion detection system based on machine learning, which can issue real-time alerts and predict potential network attacks in advance to achieve early defense of information security. In this process, we first conducted a time series assessment of the data and found that our feature variables are not suitable for application to the time series model. Then, we converted the time of the next attack from a numeric type to a categorical type, and further subdivided it into four different levels of urgency. We used seven different classification models for prediction and used the XGBoost algorithm for feature selection. Finally, we improved the accuracy of the model through cross-validation. After experimental verification, our system achieved 74.82% accuracy in predicting the time of the next attack, and effectively enhanced the cybersecurity defense capabilities of enterprises in practical applications. | en_US |