Authors - Sarvesha Nakharekar, Seedhi Kundap, Suman Madan Abstract - When cyberattacks become ever more extensive and complicated, the demand for intelligent systems capable of executing cyber threat intelligence, digital forensics, and risk management efficiently has increased. We have focused on the important point where digital forensics and cyber threat intelligence meet through this article. In order to build and evaluate the classification models, a publicly accessible intrusion detection dataset was used. The models are Logistic Regression, Decision Tree, Random Forest, Support Vector Machine, K-Nearest Neighbors, and Multilayer Perceptron .The models were evaluated from the perspective of their probable employment in cyber threat intelligence and forensics, based on their performance indicators such as accuracy, precision, recall, F1- score, and computing efficiency .Through a critical discussion, the article also contains a number of significant problems that have been touched upon: the explainability of the attacks, the existence of adversarial attacks, the data imbalance problem, and the limitations of real time processing. The investigation, however, brings up the possibility of using machine learning based on detection outcomes to improve cyber risk management by threat prioritization and thereby making informed decisions. The document is an essential resource for both researchers and field specialists interested in exploring the use of ML to significantly improve threat forecasting, speed incident handling, and strengthen risk management even in a more and more unfriendly domain of cyberattacks.
Open Zoom