Evaluating Predictive Models in Cybersecurity: A Comparative Analysis of Machine and Deep Learning Techniques for Threat Detection
Momen Hesham, Mohamed Essam, Mohamed Bahaa, Ahmed Mohamed, Mohamed Gomaa, Mena Hany, Wael Elsersy
TL;DR
This study tackles the challenge of selecting effective predictive models for cybersecurity threat detection by conducting a comparative analysis of traditional machine learning and modern deep learning approaches on two real-world datasets. It combines rigorous preprocessing, feature selection, and parallel training pipelines for ML and DL models, evaluating them with standard metrics such as accuracy, precision, recall, and F1-score. The findings show that ensemble methods, particularly Random Forest and Extra Trees, achieve the highest performance across datasets, while deep learning models offer strong results under certain conditions at the cost of higher computation. The work provides practical guidance for cybersecurity professionals on model selection and configuration, and points to future work on hybrid and adaptive models to enable real-time, scalable defense against evolving threats.
Abstract
As cyberattacks become increasingly difficult to detect, the need for advanced models that can identify them is undeniable. This paper examines and compares various machine learning and deep learning models to choose the most suitable ones for detecting and countering cybersecurity risks. Two datasets are used in the study to assess models such as Naive Bayes, SVM, and Random Forest, as well as deep learning architectures (i.e., VGG16), in terms of accuracy, precision, recall, and F1-score. The analysis shows that Random Forest and Extra Trees perform better in terms of accuracy, though in different respects depending on dataset characteristics and types of threat. This research not only highlights the strengths and weaknesses of each predictive model but also addresses the difficulties of deploying such technologies in real-world environments, such as data dependency and computational demands. The findings are aimed at cybersecurity professionals, to help them select appropriate predictive models and configure them to fully strengthen their security measures against cyber threats.
