Abstract [eng]
Machine learning (ML) algorithms are widely used in various fields, including cyber threat intelligence (CTI), financial technology (Fintech), and intrusion detection systems (IDSs). They automate security alert data analysis, enhancing attack detection, incident response, and threat mitigation. Fintech is particularly vulnerable to cyber-attacks and cyber espionage due to its data-centric nature. Because of this, it is essential to prioritize the classification of cyber-attacks so that the most crucial attacks are detected. Improving ML models for superior prioritized recognition requires a comprehensive strategy that includes data preprocessing, enhancement, algorithm refinement, and customized assessment. To improve cyber-attack detection in the Fintech, CTI, and IDS sectors, it is necessary to develop an ML model that better recognizes the prioritized classes, thereby enhancing security against important types of threats. This research introduces adaptive incremental learning, which enables ML models to keep learning new information from the changing data in a data stream, improving their ability to accurately identify high-priority types of cyber-attacks. The Analytical Hierarchy Process (AHP) is suggested to help make the best decision by evaluating model performance based on prioritized classes using real multi-class datasets instead of artificially improved ones. The findings demonstrate that the ML model improved its ability to identify prioritized classes of cyber-attacks on the ToN_IoT network dataset. The recall value for the “injection” class rose from 59.5% to 61.8%, the recall for the “password” class increased from 86.7% to 88.6%, and the recall for the “ransomware” class improved from 0% to 23.6%.