Applying Artificial Intelligence Techniques on Cyber Security Datasets: Detecting Cyber Attacks.

The rapid expansion of government and corporate services to the online sphere has spurred a notable surge in internet usage among individuals. However, this increased connectivity also amplifies the risks posed by cyber threats, as hackers exploit external networking avenues and corporate networks for personal activities. Consequently, proactive measures must be taken to mitigate potential financial losses and resource drain from cyber attacks. To this end, numerous machine-learning techniques have been developed for cybercrime detection and threat mitigation. This study evaluates several prominent machine learning methods to identify and address significant cyber threats. The research scrutinizes the effectiveness of five techniques: Random Forest, Decision Tree, Convolutional Neural Network (CNN), K-Nearest Neighbors (KNN), and Naive Bayes. Among these, Random Forest demonstrates superior performance with an accuracy rate of 99.69%, outperforming ensemble models such as Decision Tree, CNN, KNN, and Naive Bayes

The statistical nature of leakage in SSE schemes and its role in passive attacks

Encrypted search schemes have been proposed to address growing privacy concerns. However, several leakage-abuse attacks have highlighted the shortcomings of these schemes. The literature remains vague about the consequences of these attacks for real-world applications: are these attacks dangerous in practice? Is it safe to use these schemes? Do we even need countermeasures? This paper introduces a novel mathematical model for attackers\u27 knowledge using statistical estimators. Our model reveals that any attacker\u27s knowledge is inherently noisy, which limits attack effectiveness. This inherent noise can be considered a security guarantee, a natural attack mitigation. Capitalizing on this insight, we develop a risk assessment protocol to guide real-world deployments. Our findings demonstrate that limiting the index size is an efficient leverage to bound attack accuracy. Finally, we employ similar statistical methods to enhance attack analysis methodology. Hence, our work offers a fresh perspective on SSE attacks and provides practitioners and researchers with novel methodological tools

Passive Attacks Against Searchable Encryption

Searchable encryption (SE) provides a privacy-preserving mechanism for data users to search over encrypted data stored on a remote server. Researchers have designed a number of SE schemes with high efficiency yet allowing some degree of leakage profile to the remote server. The leakage, however, should be further measured to allow us to understand what types of attacks an SE scheme would encounter. This paper considers passive attacks that make inferences based on prior knowledge and observations on queries issued by users. This is in contrast to previously studied active attacks that adaptively inject files and queries. We consider several assumptions on the types or prior knowledge the attacker possessed and propose a few passive attacks. In particular, under the “full-fledged” assumption, the keyword recovery rate of our attack is optimal in the sense that it is equal to the theoretical upper bound. We further present several enhanced attacks under other weaker assumptions on various levels of the prior knowledge that the attacker can obtain, in which the keyword recovery rates are optimal or nearly optimal (i.e., approaching the theoretical upper bound). In addition, we provide extensive experiments to show the “power” of our passive attacks. This paper highlights the importance of minimizing the prior knowledge of a server and the leakage of search queries. It also shows that simply distorting the frequency of the keyword to hold against our passive attacks may not scale well