A ROBUST DETECTION OF CYBER INCIDENTS UTILIZING MACHINE LEARNING TECHNIQUES

Abstract: A reliable Cyber Attack Detection Model (CADM) is a system that works as a safeguard for the users of modern technological devices and as an assistant for the operators of networks. This research paper aims to develop a CADM that analyzes network data patterns to classify cyber-attacks. CADM determines attack-wise detection accuracy using an ensemble classification method. LASSO has been used to extract important features. It can work with large datasets, and it has more visualization capability. Gradient Boosting and Random Forest algorithms have been used for classification of network traffic data to build an ensemble method. The Gradient Boosting algorithm trains weak learning models and selects the best decision trees to deliver improved prediction accuracy, and the Random Forest algorithm trains each tree in a parallel manner. In this research work, five datasets (NSL-KDD, KDD Cup 99, UNSW-NB15, URL 2016 and CICIDS 2017) are also applied to check the efficiency of the proposed model.
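As an added example (not the authors' code), the pipeline described in the abstract can be built with scikit-learn: L1-penalised feature selection feeding a soft-voting ensemble of Gradient Boosting and Random Forest, scored per traffic class. Assumptions: L1-penalised logistic regression stands in for LASSO because the labels are classes, per-class recall stands in for attack-wise detection accuracy, and the data, class names and hyperparameters are constructed.

```python
from sklearn.datasets import make_classification
from sklearn.ensemble import (GradientBoostingClassifier,
                              RandomForestClassifier, VotingClassifier)
from sklearn.feature_selection import SelectFromModel
from sklearn.linear_model import LogisticRegression
from sklearn.metrics import recall_score
from sklearn.model_selection import train_test_split
from sklearn.pipeline import Pipeline
from sklearn.preprocessing import StandardScaler

LABELS = ["normal", "dos", "probe"]  # constructed class names, not from a dataset

def make_flows(n=1500, seed=0):
    """Constructed stand-in for flow records: 20 features, 5 informative."""
    return make_classification(
        n_samples=n, n_features=20, n_informative=5, n_redundant=2,
        n_classes=3, n_clusters_per_class=1, class_sep=2.0, random_state=seed)

def build_cadm(seed=0):
    # L1 (LASSO-style) penalty drives weights of unhelpful features to zero;
    # SelectFromModel keeps only the features with a non-zero weight.
    l1 = LogisticRegression(penalty="l1", solver="saga", C=0.02,
                            max_iter=5000, random_state=seed)
    # Soft voting averages the class probabilities of the two tree ensembles.
    vote = VotingClassifier(
        estimators=[("gb", GradientBoostingClassifier(random_state=seed)),
                    ("rf", RandomForestClassifier(n_estimators=100, n_jobs=-1,
                                                  random_state=seed))],
        voting="soft")
    return Pipeline([("scale", StandardScaler()),
                     ("select", SelectFromModel(l1)),
                     ("vote", vote)])

def evaluate(seed=0):
    X, y = make_flows(seed=seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    model = build_cadm(seed).fit(X_tr, y_tr)
    kept = int(model.named_steps["select"].get_support().sum())
    # Per-class recall = share of each traffic class that was detected.
    recall = recall_score(y_te, model.predict(X_te),
                          average=None, labels=[0, 1, 2])
    return kept, dict(zip(LABELS, (float(r) for r in recall)))

if __name__ == "__main__":
    kept, per_class = evaluate()
    print(f"features kept: {kept}/20")
    for name, r in per_class.items():
        print(f"{name:>7}: recall {r:.3f}")
```

Reporting recall per class rather than one overall accuracy figure keeps a rare attack class from being hidden by a dominant normal class.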


INTRODUCTION
Today, we live in a society where many things are becoming automated and digitized. Technology is now part of our daily life; mobile phones and personal computers are simple examples. IoT is one of the technologies that plays an important role in converting things into smart devices and automating these processes, so it is one of the most important technologies for businesses as well as for daily life. However, as a technology grows, the number of issues related to it also grows. Similarly, as the number of connected devices grows, more information is shared between them, and if there is any bug in the sharing system, each connected device could be corrupted and confidential information could be stolen by a hacker.
There is not yet an international standard for IoT compatibility, so it is very difficult for devices manufactured by different companies to communicate with each other. Many IoT devices also require users to enter personal information such as name, location and contact details, as well as data that is valuable to hackers, such as social media information. Therefore, the information shared between IoT devices needs to be secured. IoT privacy and security are cited as major concerns. There are a number of attacks on IoT, including malware. Malware can be defined as malicious software or a bug designed to gain access to and damage a device, whether a computer or an IoT device.

LITERATURE SURVEY
Ashu Bansal et al. [11] showed that big data has increased malicious activities such as MITM, DDoS and spoofing. A data dimensionality reduction scheme was proposed to reduce the dimensionality of the data and obtain a better detection rate. XGBoost and CTree were used as an ensemble approach, and SVM and NNet as standalone classifiers. The biggest challenge in using this scheme is reducing the elapsed time for classification.
S. Sandosh et al. [12] proposed a model to address the problem of achieving high accuracy with low complexity and time efficiency. Modified k-means clustering was applied for data segmentation, and the KNN classification algorithm was then used to classify the traffic flow as a known or unknown attack.
Rim Ben Fekih et al. [13] asserted that cloud computing solves the problem of storing large and heterogeneous datasets. A distributed IDS model was presented to handle a large scale of alert data. The Spark tool was used to join and analyze large datasets. The work followed the machine learning pipeline provided by scikit-learn, and the model was trained with the Naive Bayes classification algorithm.
Sumaiya Thaseen et al. [14] aimed to find the critical features for building an intrusion detection model. The Chi-Square feature selection technique was applied to select features. Supervised classification algorithms (support vector machine (SVM), modified Naive Bayes (MNB) and LPBoost) were used in an ensemble method.

SYSTEM ANALYSIS

EXISTING SYSTEM
The existing system focuses on addressing the security and privacy concerns in IoT networks, recognizing the absence of international standards for compatibility in the IoT landscape. The project utilizes the Aposemat IoT-23 dataset, a labeled dataset created in the Avast laboratory, designed specifically to provide real-world examples of IoT attacks. The primary objective is to leverage artificial intelligence techniques to detect and classify unknown network behaviors based on historical data patterns. The machine learning algorithms employed include Decision Tree, Random Forest, and Naive Bayes. Through a comparative analysis, the results indicate that Random Forest proves to be the most efficient algorithm for detecting and classifying IoT network attacks on the Aposemat IoT-23 dataset.

LIMITATIONS OF EXISTING SYSTEM
• Static Machine Learning Models: The use of Decision Tree, Random Forest, and Naive Bayes machine learning algorithms implies a static approach to network attack detection. These models might struggle to adapt to dynamic and evolving attack strategies, potentially leading to a decreased accuracy in detecting novel threats.
• Limited Generalization: The effectiveness of the system may be constrained by its ability to generalize across diverse IoT network environments. Factors such as network scale, device types, and communication protocols may vary, affecting the system's performance in real-world scenarios that differ from the Aposemat IoT-23 dataset.

PROPOSED SYSTEM
The proposed system aims to overcome the limitations of the existing approach by introducing several enhancements to strengthen IoT network attack detection using artificial intelligence. Firstly, the system proposes the incorporation of a more diverse set of labelled datasets, beyond the Aposemat IoT-23 dataset, to ensure a comprehensive understanding of evolving attack patterns. This expansion enables the system to generalize better and recognize novel threats that may not be covered by a single dataset.
Secondly, the proposed system advocates for the integration of dynamic and adaptive machine learning models that can evolve with the changing nature of IoT attacks. This may involve exploring deep learning techniques or other advanced algorithms capable of capturing intricate patterns and adapting to emerging threats in real-time.
Thirdly, the proposed system emphasizes the development of a more scalable architecture, considering the increasing scale and complexity of IoT networks. This could involve the implementation of distributed computing techniques or lightweight algorithms suitable for resource-constrained IoT devices, ensuring efficient and effective network attack detection at scale.
Additionally, the proposed system suggests leveraging anomaly detection methods alongside traditional classification approaches to enhance the detection of previously unseen attacks. Anomaly detection can identify deviations from normal network behaviour, providing a proactive defense against emerging threats not explicitly defined in the training dataset.
Lastly, the proposed system aims to optimize feature engineering processes to minimize computational overhead. This involves refining pre-processing techniques to strike a balance between improving detection accuracy and ensuring efficient resource utilization, particularly in the context of IoT devices with limited computational capabilities. Overall, the proposed system seeks to advance the state-of-the-art in IoT network attack detection by addressing existing limitations and embracing more dynamic, scalable, and adaptable approaches.