Authors: M. Francis, M. Shareena, K. Niharika, P. Nikhatjahan, Sk. Mehavish
Abstract: Traditional cyber threat detection systems depend on static, pre-trained models that fail to adapt to changing patterns, leading to performance deterioration against zero-day threats. This study presents an adaptive real-time ensemble framework (AREF) for cyber threat categorization to overcome this limitation. It is intended to improve detection accuracy and flexibility by integrating dynamic models. AREF uses three machine learning classifiers to collaboratively process network traffic data in real time: XGBoost, LightGBM, and Random Forest. Each model captures a different view of the features, and their predictions are adaptively merged using a weighted stacking method that is adjusted by ongoing performance monitoring. Three models are used in this technique. The first captures nonlinear connections in high-dimensional traffic characteristics while guaranteeing strong generalization against overfitting. By using leaf-wise growth with depth limitations and histogram-based gradient boosting, LightGBM speeds up real-time classification, allowing for quicker convergence and effective management of massive streaming data. Random Forest lowers variance and improves robustness to noisy and unbalanced datasets by introducing feature randomization and parallel decision aggregation. Thanks to its adaptive ensemble technique, the framework can change in real time, keeping its high accuracy even when network activity patterns change. According to experimental evaluation, AREF provides a scalable and explainable solution for real-time cyber threat detection and classification in dynamic environments, consistently outperforming static ensembles and individual base models in terms of F1-score, detection precision, and response latency.
International Journal of Science, Engineering and Technology