Abstract
India has witnessed a huge level of digitization in the last two decades, which has greatly impacted its economy and society. But the increasing use of technology has also intensified the number and level of threats to cyberspace in the country. Signature-based detection systems, which have dominated the cybersecurity field for years, have not been up to the challenge of modern attackers who use more complex and diverse attack methods. These challenges are well understood, and this research focuses on improving cybersecurity anomaly detection in India during the period between 2003 and 2022 using advanced AI and machine learning. The research examines the patterns, abnormalities and trends in cyber incidents in important sectors of the economy, including finance, healthcare, government and technology. The study will further the understanding of the current cybersecurity environment in India by considering sectoral exposures and the evolution of cyber threats. To classify and detect anomalies in the data collected, the following five strong machine learning algorithms are used: Random Forest, SVM, Neural Networks, K-means Clustering, and Isolation Forest. These algorithms are selected because of their efficiency in comprehensively processing big data and their capacity to detect non-linear dependencies linked to cyber threats.
Guided by the Cross-Industry Standard Process for Data Mining (CRISP-DM) methodology, the research encompasses several critical phases: data acquisition, where the nature and structure of the cybersecurity data are determined; data pre-processing, which involves data cleaning and data transformation; data modeling, whereby the selected machine learning algorithms are fitted to the data; model evaluation, where the performance of the developed models is evaluated using metrics such as accuracy, precision, recall, F1 score, and ROC-AUC; and model deployment, which involves the integration of the best-performing models into functional frameworks for. The results of this study are expected to provide a clear understanding of the changes in cyber threats in India, the nature of the sectors most at risk, and the types of attacks most frequently used. Thus, the research assists in the identification of major trends and patterns and the formulation of effective preventive measures for improving cybersecurity. In addition, the use of AI-based anomaly detection models is believed to improve response to incidents and contribute to the development of a stronger digital platform in different industries. Finally, this study aims to make a significant impact towards the fulfillment of India’s national-level cybersecurity objectives by offering a framework that has the capacity to expand and remain relevant to ever-changing cyber threats.
Publication Date
12-10-2024
Document Type
Thesis
Student Type
Graduate
Degree Name
Professional Studies (MS)
Department, Program, or Center
Graduate Programs & Research
Advisor
Sanjay Modak
Advisor/Committee Member
Ehsan Warriach
Recommended Citation
Almansoori, Mohamed, "AI-Driven Anomaly Detection in Cybersecurity" (2024). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/12015
Campus
RIT Dubai