Abstract
The digital age has ushered in unprecedented connectivity and technological advancement, which have also introduced a surge in sophisticated and frequent cyber threats. To safeguard systems, anomaly detection has become a cornerstone of cybersecurity, enabling the identification of deviations from normal system behaviour. This study presents a comparative analysis of three machine learning techniques—Isolation Forest, Long Short-Term Memory (LSTM), and Q-Learning—for cyberattack anomaly detection. The study designed and implemented a system using the CICIDS-2017 dataset (2,830,743 records) in Python, preceded by data preprocessing and feature engineering. Evaluation metrics, including Accuracy, F1-Score, and error rates (FPR, FNR) revealed a clear performance hierarchy. The LSTM model proved superior, achieving a near-perfect Accuracy of 99.53% with minimal errors (FPR: 0.35%, FNR: 0.50%). Q-Learning showed strong, adaptive potential, recording an Accuracy of 92.80% and an F1-Score of 90.25%, though with higher error rates (FPR: 8.58%). Conversely, the unsupervised Isolation Forest was inadequate for this labeled task, with metrics around 50%. The findings establish LSTM as ideal for maximum accuracy, Q-Learning as a viable option for dynamic environments, and highlight the limitations of simple unsupervised methods on complex security datasets.
Keywords
Cyberattack, Anomaly, Detection, Machine, Learning, Isolation Forest, Q-Learning, LSTM, Long Short-Term, Memory.
Citations
IRE Journals:
Dorcas Atinuke Adedokun, Wasiu Oladimeji Ismaila, Simeon Ayoade Adedokun, Elizabeth A. Amusan, Folasade Muibat Ismaila "Comparison of Selected Machine Learning Techniques in Cyberattack Anomaly Detection" Iconic Research And Engineering Journals Volume 9 Issue 4 2025 Page 342-353 https://doi.org/10.64388/IREV9I4-1711113-3371
IEEE:
Dorcas Atinuke Adedokun, Wasiu Oladimeji Ismaila, Simeon Ayoade Adedokun, Elizabeth A. Amusan, Folasade Muibat Ismaila
"Comparison of Selected Machine Learning Techniques in Cyberattack Anomaly Detection" Iconic Research And Engineering Journals, 9(4) https://doi.org/10.64388/IREV9I4-1711113-3371
About IRE Journals
IRE Journals is an open access online journals established with an aim to publish high quality of research work in various diciplines. We have more than 6 years in publications. Over 2500+ papers already published.
Important Links
For Authors
Volume 8:
Issue 1, Issue 2, Issue 3, Issue 4, Issue 5, Issue 6, Issue 7, Issue 8, Issue 9, Issue 10, Issue 11, Issue 12Volume 7:
Issue 1, Issue 2, Issue 3, Issue 4, Issue 5, Issue 6, Issue 7, Issue 8, Issue 9, Issue 10, Issue 11, Issue 12Volume 6:
Issue 1, Issue 2, Issue 3, Issue 4, Issue 5, Issue 6, Issue 7, Issue 8, Issue 9, Issue 10, Issue 11, Issue 12Volume 5:
Issue 1, Issue 2, Issue 3, Issue 4, Issue 5, Issue 6, Issue 7, Issue 8, Issue 9, Issue 10, Issue 11, Issue 12Volume 4:
Issue 1, Issue 2, Issue 3, Issue 4, Issue 5, Issue 6, Issue 7, Issue 8, Issue 9, Issue 10, Issue 11, Issue 12Volume 3:
Issue 1, Issue 2, Issue 3, Issue 4, Issue 5, Issue 6, Issue 7, Issue 8, Issue 9, Issue 10, Issue 11, Issue 12