
Original scientific paper

https://doi.org/10.1080/00051144.2023.2295146

Integrated threat intelligence platform for security operations in organizations

K. U. Abinesh Kamal ; Department of Information Technology, Noorul Islam Centre for Higher Education, Kumaracoil, India *
S. V. Divya ; Department of Computer Science & Engineering, V.S.B College of Engineering Technical Campus, Coimbatore, India

* Corresponding author.


Full text: english pdf 2.829 Kb

page 401-409



Abstract

Organizations have to establish strong security operations to protect their digital assets since cyberattacks are becoming more prevalent and sophisticated. Integrating threat intelligence into security operations is a fundamental strategy for enhancing an organization’s security posture. However, the precision and dependability of the underlying machine learning classifiers employed for analysis determine how successful such platforms really are. In this paper, we leverage the UNSW-NB15 dataset to propose an integrated threat intelligence platform for security operations in organizations. In order to determine which machine learning classifier performs best, we apply a variety of classifiers to the dataset, including Ensemble Learning, Stochastic Gradient Descent (SGD), Logistic Regression, and Ridge Classifier. Our findings demonstrate that the Ensemble Learning classifier outperforms the other classifiers, with accuracy, precision, recall, and F1 score of 97.02%, 98.34%, 99.02% and 98.17% respectively. This suggests that our proposed system is quite good at detecting potential threats and may offer insightful information for security operations in organizations.

Keywords

Threat intelligence platforms; cyberattacks; security; UNSW-NB15; ensemble learning

Hrčak ID:

323033

URI

https://hrcak.srce.hr/323033

Publication date:

10.1.2024.
