Enhancing Network Security Against Apts Through Svm-Based Network Traffic Analysis: Identifying Anomalies In Communication Flows

Abstract

Novel approaches to strengthen network security are required in the dynamic field of cybersecurity due to the increasing prevalence of Advanced Persistent Threats (APTs). To combat APTs, this study builds and tests a high-tech network traffic monitoring system that uses a Kernel Function to train a Nonlinear Support Vector Machine (SVM). In terms of offering thorough and precise threat detection, current models frequently fail. The impressive accuracy of 92%, precision of 88%, recall of 94%, and F1-Score of 0.95 demonstrate the better performance of our suggested system. An essential component of real-time threat detection, the connection with Apache Spark MLlib guarantees rapid processing of large-scale datasets and scalability. In a groundbreaking move, this study integrates distributed computing with nonlinear support vector machines (SVMs), creating an adaptive and resilient approach that surpasses previous models in APT detection in terms of accuracy and dependability. Our proposed model stands out from the competition thanks to the metrics that have been given and shown in a detailed bar chart. In addition to developing a new method for APT detection, this study establishes a new standard for the effectiveness of network security, which will allow for more robust cybersecurity frameworks to withstand changing threats. © 2024 IEEE.