Exploring the Synergy between AI and Cybersecurity for Threat Detection (scientific article, Ministry of Science)
Source:
Journal of Information Processing and Management, Volume 40, Summer 1404, English Special Issue 4 (Serial No. 125)
Pages 287 - 314
Specialized fields:
Background: Security has become a major topic of discussion because of the increase in the number and sophistication of cyber threats in the modern era. Conventional approaches to threat identification can struggle in several respects, namely staying relevant and handling new and constantly evolving threats. Approaches based on machine learning (ML) and deep learning (DL) present AI as a potential solution to the problem of efficient threat detection.

Objective: The article aims to compare the performance, computational time, and resilience of Random Forest (RF), Support Vector Machine (SVM), Convolutional Neural Network (CNN), and Recurrent Neural Network (RNN) models in identifying potential cyber threats such as malware, phishing, and DoS attacks.

Methods: The proposed models were trained and evaluated on the NSL-KDD and CICIDS 2017 datasets. Evaluation was based on common indicators including accuracy, precision, recall, F1 measure, detection efficiency, AUC-ROC, False Alarm Rate (FAR), and resilience to adversaries. Computational efficiency was rated by training time and memory consumption.

Results: The findings indicate that the CNNs gave the best accuracy (96%) and resisted perturbation better, while the RF showed good performance with little computational load. RNNs proved effective in sequential data analysis, and SVM also performed fairly well on binary data classification, although it has a scalability problem.

Conclusion: Among the AI models, CNNs are the best solution for protection from threats in the cybersecurity space. Nevertheless, some of them still require computational optimization to be beneficial in scenarios with limited computational resources. It is suggested that these findings can be used in subsequent research and practical applications.