Assessing Machine Learning Techniques for Cryptographic Attack Detection: A Systematic Review and Meta-Analysis
DOI:
https://doi.org/10.56705/ijodas.v6i2.234Keywords:
Cryptology, Cryptographic Security, Machine Learning Techniques, Vulnerability Analysis, Cybersecurity, Attack Detection, Risk PredictionAbstract
The detection of cryptographic attacks is a vital aspect of maintaining cybersecurity, especially as digital infrastructures become increasingly intricate and susceptible to sophisticated threats. This systematic review aims to examine and compare a range of machine learning approaches applied to cryptographic attack detection, focusing on their performance in terms of detection rates, efficiency, and overall effectiveness. A comprehensive review and meta-analysis were conducted, focusing on existing research that utilized machine learning models for identifying cryptographic attacks. The models included in the review were Naïve Bayes, C4.5, Random Forest, Decision Tree, K-Means, and Particle Swarm Optimization (PSO) combined with Neural Networks. Studies were selected based on their relevance to cryptographic security, with particular attention paid to performance metrics like classification accuracy, precision, recall, and area under the curve (AUC). The findings indicated that the C4.5 decision tree model achieved a high classification rate of 98.8%, while both Random Forest and Decision Tree models performed with an accuracy of 99.9%, making them highly suitable for real-time attack detection. Additionally, the PSO + Neural Network model showed enhanced detection precision, illustrating the value of integrating optimization techniques with machine learning models. The use of machine learning, especially with ensemble methods such as Random Forest and Decision Trees, proves to be highly effective for cryptographic attack detection. The study underscores the necessity for customized machine learning solutions in cybersecurity, balancing both high accuracy and operational efficiency. Further research should focus on the real-world deployment of hybrid models to confirm their practical effectiveness.
Downloads
References
M. A. Yalçınkaya and E. U. Küçüksille, “Artificial Intelligence and Dynamic Analysis-Based Web Application Vulnerability Scanner,” ISeCure, vol. 16, no. 1, pp. 55–77, 2024, doi: 10.22042/isecure.2023.367746.847.
M. A. Ferrag, M. Babaghayou, and M. A. Yazici, “Cyber security for fog-based smart grid SCADA systems: Solutions and challenges,” J. Inf. Secur. Appl., vol. 52, 2020, doi: 10.1016/j.jisa.2020.102500.
M. Basnet and M. H. Ali, “Exploring cybersecurity issues in 5G enabled electric vehicle charging station with deep learning,” IET Gener. Transm. Distrib., vol. 15, no. 24, pp. 3435–3449, 2021, doi: 10.1049/gtd2.12275.
B. A. Alabsi, M. Anbar, and S. D. A. Rihan, “CNN-CNN: Dual Convolutional Neural Network Approach for Feature Selection and Attack Detection on Internet of Things Networks,” Sensors, vol. 23, no. 14, 2023, doi: 10.3390/s23146507.
M. Sherafatian and F. Arjmand, “Decision tree-based classifiers for lung cancer diagnosis and subtyping using TCGA miRNA expression data,” Oncol. Lett., vol. 18, no. 2, pp. 2125–2131, 2019, doi: 10.3892/ol.2019.10462.
J.-S. Coron, “What is cryptography?,” IEEE Secur. Priv. Mag., vol. 4, no. 1, pp. 70–73, Jan. 2006, doi: 10.1109/MSP.2006.29.
P. Mathews, A. Gaikwad, … M. U.-… M. L., and undefined 2024, “Introduction to Modern Cryptography and Machine Learning,” igi-global.com, Accessed: May 07, 2024. [Online]. Available: https://www.igi-global.com/chapter/introduction-to-modern-cryptography-and-machine-learning/340970
“Hash Functions,” in Applied Cryptanalysis, Wiley, 2007, pp. 193–264. doi: 10.1002/9780470148778.ch5.
Y. Li and Q. Liu, “A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments,” Energy Reports, vol. 7, pp. 8176–8186, Nov. 2021, doi: 10.1016/j.egyr.2021.08.126.
V. Vasani, A. K. Bairwa, S. Joshi, A. Pljonkin, M. Kaur, and M. Amoon, “Comprehensive Analysis of Advanced Techniques and Vital Tools for Detecting Malware Intrusion,” Electronics, vol. 12, no. 20, p. 4299, Oct. 2023, doi: 10.3390/electronics12204299.
A. Sarkar, S. R. Chatterjee, and M. Chakraborty, “Role of Cryptography in Network Security,” 2021, pp. 103–143. doi: 10.1007/978-981-15-9317-8_5.
Ö. Aslan, S. S. Aktuğ, M. Ozkan-Okay, A. A. Yilmaz, and E. Akin, “A Comprehensive Review of Cyber Security Vulnerabilities, Threats, Attacks, and Solutions,” Electronics, vol. 12, no. 6, p. 1333, Mar. 2023, doi: 10.3390/electronics12061333.
Q. Covert, D. Steinhagen, M. Francis, and K. Streff, “Towards a Triad for Data Privacy,” 2020. doi: 10.24251/HICSS.2020.535.
M. Tarawneh, “Cryptography: Recent Advances and Research Perspectives,” in Cryptography - Recent Advances and Research Perspectives [Working Title], IntechOpen, 2023. doi: 10.5772/intechopen.111847.
Z. Alkhalil, C. Hewage, L. Nawaf, and I. Khan, “Phishing Attacks: A Recent Comprehensive Study and a New Anatomy,” Front. Comput. Sci., vol. 3, Mar. 2021, doi: 10.3389/fcomp.2021.563060.
E. Gyamfi and A. Jurcut, “Intrusion Detection in Internet of Things Systems: A Review on Design Approaches Leveraging Multi-Access Edge Computing, Machine Learning, and Datasets,” Sensors, vol. 22, no. 10, p. 3744, May 2022, doi: 10.3390/s22103744.
A. D. Dwivedi, “BRISK: Dynamic Encryption Based Cipher for Long Term Security,” Sensors, vol. 21, no. 17, p. 5744, Aug. 2021, doi: 10.3390/s21175744.
K. Tsantikidou and N. Sklavos, “Threats, Attacks, and Cryptography Frameworks of Cybersecurity in Critical Infrastructures,” Cryptography, vol. 8, no. 1, p. 7, Feb. 2024, doi: 10.3390/cryptography8010007.
J. Ding, A. Qammar, Z. Zhang, A. Karim, and H. Ning, “Cyber Threats to Smart Grids: Review, Taxonomy, Potential Solutions, and Future Directions,” Energies, vol. 15, no. 18, 2022, doi: 10.3390/en15186799.
L. Vigoya, D. Fernandez, V. Carneiro, and F. J. Nóvoa, “IoT dataset validation using machine learning techniques for traffic anomaly detection,” Electron., vol. 10, no. 22, 2021, doi: 10.3390/electronics10222857.
P. M. Johnson, W. Barbour, J. V Camp, and H. Baroud, “Using machine learning to examine freight network spatial vulnerabilities to disasters: A new take on partial dependence plots,” Transp. Res. Interdiscip. Perspect., vol. 14, 2022, doi: 10.1016/j.trip.2022.100617.
A. Aziz and S. Mirzaliev, “Optimizing Intrusion Detection Mechanisms for IoT Network Security,” J. Cybersecurity Inf. Manag., vol. 13, no. 1, pp. 60–68, 2024, doi: 10.54216/JCIM.130106.
J. Yang, C. Fu, F. Deng, M. Wen, X. Guo, and C. Wan, “Toward Interpretable Graph Tensor Convolution Neural Network for Code Semantics Embedding,” ACM Trans. Softw. Eng. Methodol., vol. 32, no. 5, 2023, doi: 10.1145/3582574.
“Cryptographic Attack Detection and Vulnerability... - Google Scholar.” Accessed: May 07, 2024. [Online]. Available: https://scholar.google.com/scholar?start=90&q=Cryptographic+Attack+Detection+and+Vulnerability+Analysis++Using+Machine+Learning+Technique&hl=en&as_sdt=0,5
“Cryptographic Attack Detection and Vulnerability... - Google Scholar.” Accessed: May 07, 2024. [Online]. Available: https://scholar.google.com/scholar?start=30&q=Cryptographic+Attack+Detection+and+Vulnerability+Analysis++Using+Machine+Learning+Technique&hl=en&as_sdt=0,5
X. Zheng, “Computer Deep Learning Network Security Vulnerability Detection Based on Virtual Reality Technology,” Adv. Multimed., vol. 2022, 2022, doi: 10.1155/2022/6039690.
A. Salam et al., “Securing Smart Manufacturing by Integrating Anomaly Detection with Zero-Knowledge Proofs,” IEEE Access, vol. 12, pp. 36346–36360, 2024, doi: 10.1109/ACCESS.2024.3373697.
R. Zhang, S. Hussain, H. Chen, M. Javaheripi, and F. Koushanfar, “Systemization of Knowledge: Robust Deep Learning using Hardware-software co-design in Centralized and Federated Settings,” ACM Trans. Des. Autom. Electron. Syst., vol. 28, no. 6, 2023, doi: 10.1145/3616868.
A. Yazhari Kermani, A. Abdollahi, and M. Rashidinejad, “Cyber-secure energy and flexibility scheduling of interconnected local energy networks with introducing an XGBoost-assisted false data detection and correction method,” Int. J. Electr. Power Energy Syst., vol. 155, 2024, doi: 10.1016/j.ijepes.2023.109683.
H. Mohajan and H. K. Mohajan, “Munich Personal RePEc Archive Two Criteria for Good Measurements in Research: Validity and Reliability Two Criteria for Good Measurements in Research: Validity and Reliability,” 2017.
M. Amir-Behghadami and A. Janati, “Population, Intervention, Comparison, Outcomes and Study (PICOS) design as a framework to formulate eligibility criteria in systematic reviews,” Emerg. Med. J., vol. 37, no. 6, pp. 387–387, Jun. 2020, doi: 10.1136/emermed-2020-209567.
M. J. Page et al., “The PRISMA 2020 statement: an updated guideline for reporting systematic reviews,” BMJ, p. n71, Mar. 2021, doi: 10.1136/bmj.n71.
N. Niture, “Machine Learning and Cryptographic Algorithms – Analysis and Design in Ransomware and Vulnerabilities Detection,” Oct. 2020, doi: 10.36227/techrxiv.13146866.v1.
M. F. Kamarudin Shah, M. Md-Arshad, A. Abdul Samad, and F. A. Ghaleb, “Comparing FTP and SSH Password Brute Force Attack Detection using k-Nearest Neighbour (k-NN) and Decision Tree in Cloud Computing,” Int. J. Innov. Comput., vol. 13, no. 1, pp. 29–35, May 2023, doi: 10.11113/ijic.v13n1.386.
Y. Ahmed, A. T. Asyhari, and M. Rahman, “A Cyber Kill Chain Approach for Detecting Advanced Persistent Threats,” Comput. Mater. Contin., vol. 67, no. 2, pp. 2497–2513, 2021, doi: 10.32604/cmc.2021.014223.
A. Ali Hamza and R. Jumma surayh Al-Janabi, “Detecting Brute Force Attacks Using Machine Learning,” BIO Web Conf., vol. 97, p. 00045, Apr. 2024, doi: 10.1051/bioconf/20249700045.
A. F. Otoom, W. Eleisah, and E. E. Abdallah, “Deep Learning for Accurate Detection of Brute Force attacks on IoT Networks,” Procedia Comput. Sci., vol. 220, pp. 291–298, 2023, doi: 10.1016/j.procs.2023.03.038.
N. Alotibi and M. Alshammari, “Deep Learning-based Intrusion Detection: A Novel Approach for Identifying Brute-Force Attacks on FTP and SSH Protocol,” Int. J. Adv. Comput. Sci. Appl., vol. 14, no. 6, 2023, doi: 10.14569/IJACSA.2023.0140612.
N. Omer, A. H. Samak, A. I. Taloba, and R. M. A. El-Aziz, “Cybersecurity Threats Detection Using Optimized Machine Learning Frameworks,” Comput. Syst. Sci. Eng., vol. 48, no. 1, pp. 77–95, 2024, doi: 10.32604/csse.2023.039265.
A. A. Jabbar and W. S. Bhaya, “Security of private cloud using machine learning and cryptography,” Bull. Electr. Eng. Informatics, vol. 12, no. 1, pp. 561–569, Feb. 2023, doi: 10.11591/eei.v12i1.4383.
S. Shilpashree, S. C. Lingareddy, N. G. Bhat, and G. Sunil Kumar, “Decision tree: A machine learning for intrusion detection,” Int. J. Innov. Technol. Explor. Eng., vol. 8, no. 6 Special Issue 4, pp. 1126–1130, 2019, doi: 10.35940/ijitee.F1234.0486S419.
A. Al-Abassi, H. Karimipour, A. Dehghantanha, and R. M. Parizi, “An ensemble deep learning-based cyber-attack detection in industrial control system,” IEEE Access, vol. 8, pp. 83965–83973, 2020, doi: 10.1109/ACCESS.2020.2992249.
T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, M. Ghogho, and F. E. Moussa, “DeepIDS: Deep learning approach for intrusion detection in software defined networking,” Electron., vol. 9, no. 9, pp. 1–18, 2020, doi: 10.3390/electronics9091533.
P. S. Saini, S. Behal, and S. Bhatia, “Detection of DDoS Attacks using Machine Learning Algorithms,” in 2020 7th International Conference on Computing for Sustainable Global Development (INDIACom), IEEE, Mar. 2020, pp. 16–21. doi: 10.23919/INDIACom49435.2020.9083716.
S. Hossain, D. Sarma, and R. J. Chakma, “Machine learning-based phishing attack detection,” Int. J. Adv. Comput. Sci. Appl., vol. 11, no. 9, pp. 378–388, 2020, doi: 10.14569/IJACSA.2020.0110945.
S. Khan, K. Kifayat, A. Kashif Bashir, A. Gurtov, and M. Hassan, “Intelligent intrusion detection system in smart grid using computational intelligence and machine learning,” Trans. Emerg. Telecommun. Technol., vol. 32, no. 6, 2021, doi: 10.1002/ett.4062.
M. Kang, “Machine Learning: Anomaly Detection,” in Prognostics and Health Management of Electronics, Wiley, 2018, pp. 131–162. doi: 10.1002/9781119515326.ch6.
R. Zagrouba, R. A.-I. J. of Communication, and undefined 2021, “Machine learning based attacks detection and countermeasures in IoT,” core.ac.uk, vol. 13, no. 2, 2021, Accessed: May 07, 2024. [Online]. Available: https://core.ac.uk/download/pdf/539893726.pdf
K. Kumari and M. Mrunalini, “Detecting Denial of Service attacks using machine learning algorithms,” J. Big Data, vol. 9, no. 1, Dec. 2022, doi: 10.1186/S40537-022-00616-0.
T. Gaber, A. El-Ghamry, and A. E. Hassanien, “Injection attack detection using machine learning for smart IoT applications,” Phys. Commun., vol. 52, 2022, doi: 10.1016/j.phycom.2022.101685.
T. Muhammad and H. Ghafory, “SQL Injection Attack Detection Using Machine Learning Algorithm,” Mesopotamian J. CyberSecurity, vol. 2022, pp. 5–17, 2022, doi: 10.58496/MJCS/2022/002.
F. Subhan, X. Wu, L. Bo, X. Sun, and M. Rahman, “A deep learning-based approach for software vulnerability detection using code metrics,” IET Softw., vol. 16, no. 5, pp. 516–526, 2022, doi: 10.1049/sfw2.12066.
J. H. An, Z. Wang, and I. Joe, “A CNN-based automatic vulnerability detection,” Eurasip J. Wirel. Commun. Netw., vol. 2023, no. 1, 2023, doi: 10.1186/s13638-023-02255-2.
S. Ruiz-Villafranca, J. Roldán-Gómez, J. Carrillo-Mondéjar, J. M. C. Gómez, and J. M. Villalón, “A MEC-IIoT intelligent threat detector based on machine learning boosted tree algorithms,” Comput. Networks, vol. 233, 2023, doi: 10.1016/j.comnet.2023.109868.
W. B. Demilie and F. G. Deriba, “Detection and prevention of SQLI attacks and developing compressive framework using machine learning and hybrid techniques,” J. Big Data, vol. 9, no. 1, 2022, doi: 10.1186/s40537-022-00678-0.
M. K. Baklizi et al., “Web Attack Intrusion Detection System Using Machine Learning Techniques,” Int. J. online Biomed. Eng., vol. 20, no. 3, pp. 24–38, 2024, doi: 10.3991/ijoe.v20i03.45249.
M. Zekri, S. El Kafhali, … N. A.-2017 3rd international, and undefined 2017, “DDoS attack detection using machine learning techniques in cloud computing environments,” ieeexplore.ieee.org, 2018, doi: 10.1109/CloudTech.2017.8284731.
H. Karimipour, A. Dehghantanha, R. M. Parizi, K.-K. R. Choo, and H. Leung, “A Deep and Scalable Unsupervised Machine Learning System for Cyber-Attack Detection in Large-Scale Smart Grids,” IEEE Access, vol. 7, pp. 80778–80788, 2019, doi: 10.1109/ACCESS.2019.2920326.
S. Reddy and G. K. Shyam, “A machine learning based attack detection and mitigation using a secure SaaS framework,” J. King Saud Univ. - Comput. Inf. Sci., vol. 34, no. 7, pp. 4047–4061, Jul. 2020, doi: doi.org/10.1016/j.jksuci.2020.10.005.
S. Hariprasad, T. Deepa, and N. Bharathiraja, “Detection of DDoS Attack in IoT Networks Using Sample Selected RNN-ELM,” Intell. Autom. Soft Comput., vol. 34, no. 3, pp. 1425–1440, 2022, doi: 10.32604/iasc.2022.022856.
A. Amjad, T. Alyas, U. Farooq, and M. A. Tariq, “Detection and Mitigation of DDoS Attack in Cloud Computing Using Machine Learning Algorithm,” EAI Endorsed Trans. Scalable Inf. Syst., vol. 6, no. 23, pp. 1–8, 2019, doi: 10.4108/eai.29-7-2019.159834.
Downloads
Published
Issue
Section
License
Authors retain copyright and full publishing rights to their articles. Upon acceptance, authors grant Indonesian Journal of Data and Science a non-exclusive license to publish the work and to identify itself as the original publisher.
Self-archiving. Authors may deposit the submitted version, accepted manuscript, and version of record in institutional or subject repositories, with citation to the published article and a link to the version of record on the journal website.
Commercial permissions. Uses intended for commercial advantage or monetary compensation are not permitted under CC BY-NC 4.0. For permissions, contact the editorial office at ijodas.journal@gmail.com.
Legacy notice. Some earlier PDFs may display “Copyright © [Journal Name]” or only a CC BY-NC logo without the full license text. To ensure clarity, the authors maintain copyright, and all articles are distributed under CC BY-NC 4.0. Where any discrepancy exists, this policy and the article landing-page license statement prevail.
