Employing Functional Machine Learning Principles for Active Detection of Brute Force Attack Relying on The CICIDS2017 Dataset

Abstract

Cybercrime and attacks due to brute force have increased in the last decades. Old-fashioned detection methods have become useless and unreliable. Researchers are now working on new ideas and ways to improve information security and privacy. One prominent strategy involves machine learning. The aim of this master’s research is to assess how machine learning significantly impacts identifying severe cyber threats due to brute force attack. Thus, analysis was performed on the CICIDS2017 datasets.  Furthermore, we used numerical analyses with Python programming to verify that machine learning enables enhanced performance and reliability in network threat detection. The computational simulations and theoretical evaluations indicated that the voting algorithm exhibited superior performance (in terms of accuracy, precision, recall, and F1-score) in identifying benign brute force assaults. Moreover, the voting algorithm demonstrated peak accuracy across three distinct categories of attacks. The Gradient Boosting (GB) model demonstrated the highest F1-score in relation to FTP and SSH brute force vulnerabilities. The peak accuracy levels, precision, recall, and F1-score recorded in the three experimental conditions were 99.1%, 75.4%, 59.6%, and 70.1% for the voting, second voting, decision tree (DT), and gradient boosting (GB) methodologies, respectively.