Stochastic gradient boosted distributed decision trees security approach for detecting cyber anomalies and classifying multiclass cyber-attacks
J C Sekhar, R Priyanka, Ashok Kumar Nanda, P Joel Josephson, M J D Ebinezer, T Kalavathi Devi
Computers & Security, volume 151, Article 104320. Journal Article, published 2025-01-15. DOI: 10.1016/j.cose.2025.104320
Impact factor: 4.8. JCR: Q1 (Computer Science, Information Systems). Open access: no.
https://www.sciencedirect.com/science/article/pii/S0167404825000094
Citations: 0
Abstract
Identifying cyber anomalies and attacks in today's cybersecurity environment is essential. We can solve these difficulties by combining artificial intelligence (AI) and machine learning (ML) methods. The specifics of the existing security mechanisms and the supply quality define how effective ML-based security systems will be in strengthening such measures. Developing a security system to identify unusual activity and classify threats amid the growing complexity and regularity of attacks is essential. This article provides a successful method to identify and classify cyber anomalies. We use a novel method that combines Stochastic Gradient Boosted Distributed Decision Trees (SGB-DDT) with Honeybees Mating Optimisation (HBMO). To improve the detection accuracy, we use SGB-DDT, a distributed learning technique that is both highly scalable and effective because it combines the collective wisdom of several decision trees. The SGB approach's adaptability and error-learning properties make the model less vulnerable to dynamic cyberattacks. The complications of classifying cyberattacks into different types have prompted this research to propose an enhanced HBMO method. The HBMO method, which takes inspiration from honeybee mating behaviour, aims to improve model performance while reducing processing overhead. This proposed method, SGB-DDT, can accurately identify several categories of cyberattacks using the enhanced HBMO method. We assess the proposed method using a large and varied dataset of cyberattack incidents from NSL-KDD and UNSW-NB15, encompassing common and uncommon attack types. The experiment results show that the SGB-DDT with higher HBMO outperforms traditional ML techniques.
About the journal:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.