MACHINE LEARNING IN CYBER SECURITY

OPERATIONS
A Technical Seminar Report Submitted In partial
fulfillment of the requirement for the award of the degree of

BACHELOR OF TECHNOLOGY IN
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
Submitted by

[Link] - 216N1A0535

Under the esteemed guidance of

[Link] Krishna Raju,
[Link] Assistant Professor
Department of CSE

SRINIVASA INSTITUTE OF ENGINEERING & TECHNOLOGY

(UGC - Autonomous Institution)

(Approved by AICTE, Permanently affiliated to JNTUK, Kakinada) (ISO 9001:2015 Certified Institute)
(Accredited by NAAC with ’A ‘Grade) (Recognized by UGC under sections 2(f) & 12(B))

NH-216, Cheyyeru (v), Amalapuram-533222

2024-2025
 SRINIVASA INSTITUTE OF ENGINEERING & TECHNOLOGY
(UGC - Autonomous Institution)
(Approved by AICTE, Permanently affiliated to JNTUK, Kakinada) (ISO 9001:2015 Certified

Institute) (Accredited by NAAC with ’A ‘Grade) (Recognized by UGC under sections 2 (f) &12(B))
NH-216, Cheyyeru (v), Amalapuram-533222

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

CERTIFICATE

This is to certify that the Technical Seminar Report on entitled “MACHINE LEARNING IN CYBER SECURITY
OPERATIONS ” is a bonafide work of [Link] bearing Roll Number 216N1A0535 of IV [Link] in Computer
Science Engineering Department, Srinivasa Institute of Engineering and Technology, Amalapuram, affiliated to Jawaharlal
Nehru Technological University Kakinada, during the academic year 2025-2026 in partial fulfilment of the requirements for
the award of bachelor of technology Computer Science Engineering.

Mrs. V SaiPriya, [Link], (Ph.D.) [Link] Krishna Raju, MTech

Head of the Department Internal Guide

EXTERNAL EXAMINER

I
 ACKNOWLEDGEMENT

We express our sincere gratitude to our esteemed Institute Srinivasa Institute of

Engineering & Technology, which has provided us an opportunity to fulfil the most
cherished Desire to reach our goal.
We owe own project to Mr. M RAMAKRISHNA RAJU, Assistant Professor,
Department of Computer Science and Engineering, who has been our project guide.
We sincerely thank her for the support and guidance which was given to us, as
without which we would not have made this effort of our success.
We express our deep hearted thanks to Mrs. V SAIPRIYA our beloved Head of the
Department for being helpful in providing us with his valuable advice and timely
guidance.

We would like to thank the principal, Dr. M SREENIVASA KUMAR and

management of Srinivasa Institute of Engineering and Technology, for providing
us with the requisite facilities to carry out project in the campus.
Our deep hearted thanks to all the faculty members of our department for their
value-based impairing of theory and partial subjects, which we had put into use in
our project. We are also indebted to the non-teaching staff for their co-operation.
We would like to thanks our Friends and Family members for their help and
support in making our project a success.

[Link]

II
 ABSTRACT
The defense of computational devices as well as computer networks against
information leaks, theft, and damage to their electronic data, software, hardware,
or other components, as well as against interruption or misrepresenting the services
they offer, is defined as cyber security by [Link]. In recent years, there
has been an unparalleled increase in public interest in machine learning (ML)
research. People's learning and working styles are changing as the Internet and
social life become more intertwined, yet this also exposes them to major security
risks. Protecting confidential data, networks, and computer-connected systems
against illegal cyberattacks is a difficult challenge. Effective cyber security is
crucial for this. To solve this issue, recent technologies like machine learning and
deep learning are combined with cyberattacks. The write-up covers machine
learning technology in cyber security, explores the benefits and limitations of
employing them, and offers recommendations for future research. The world of
today is highly network-interconnected due to the prevalence of both small
personal devices (like smartphones) and large computing devices or services (like)
cloud computing or online banking). As a result, millions of data bytes are
generated, processed, exchanged, shared, and used every minute to produce results
in specific applications. As a result, protecting user privacy. machine (device)
security, and data in cyberspace has become a top priority for private citizens,
corporate entities, and national governments. Machine learning (ML) has often
been used in cybersecurity in recent years, including for biometric-based user
authentication and intrusion or virus detection. But ML. algorithms are vulnerable
to intrusions during both the training and testing phases, which often lead to
noticeable performance decreases and security vulnerabilities. Comparatively little
studies have been conducted to ascertain the type, extent, and defense mechanisms
of ML. methods' vulnerabilities against security threats. Systematizing recent
cybersecurity-related initiatives leveraging ML is vital to garner the interest of
researchers, scientists, and engineers

Keywords: Machine learning,Cyber security,Cyberattacks,Detection

 PAGE INDEX

Chapter-1 INTRODUCTION...........................................................................7

Chapter-2 LITERATURE SURVEY....................................................................9

Chapter-3 REQUIREMENTS SPECIFICATIONS........................................ 12

Chapter-4 ARCHITECTURE/CONCEPTUAL DESIGN....................................15

Chapter-5 APPLICATION………………………………...................................22

Chapter-6 CONCLUSION..................................................................................25
Chapter-7 FUTURE SCOPE...............................................................................26

Chapter- 8 REFERENCES..................................................................................27
 FIGURE INDEX

FIG NO. NAME OF THE FIGURE PAGE NO.

2.1 Anomaly detection 9
2.2 Malware detection and its types 10
4.1 Architectural/block diagram 16
4.2 Work flow of the architectural 17
diagram
4.3 21
Proposed architecture for cyber-
attack/security using machine
learning and ensemble learning

5.1 Machine learning for prevention of 22

vulnerabilities
5.2 Machine learning for detection of 22
vulnerabilities
5.3 Machine learning application for 24
recovery and response in time of
vulnerabilities
 CHAPTER - 1
INTRODUCTION
With the increasing sophistication of cyber-attacks, traditional security systems have
become insufficient in safeguarding critical infrastructure. Cybersecurity operations
must evolve to tackle new threats effectively. Machine learning, as a subset of
artificial intelligence, has gained traction for its capability to automate threat
detection and prediction in real-time. By leveraging historical data and identifying
patterns, ML models can enhance decision-making processes in detecting
anomalies and securing networks.

The introduction of ML in cybersecurity has led to the development of advanced

systems for preventing phishing, identifying malware, securing IoT devices, and
monitoring network traffic. In the modern digital age, cybersecurity threats are
becoming increasingly sophisticated, posing significant risks to individuals
, businesses, and governments. Traditional security systems based on rule-based
detection mechanisms, while useful, often struggle to keep up with the evolving
nature of cyber threats.

This is due to their inability to detect new, previously unseen attack patterns. To
address this issue, the integration of Machine Learning (ML) into cybersecurity
operations has emerged as a promising solution. Machine learning, a subset of
artificial intelligence (AI), has the ability to learn from data and adapt its approach
without explicit programming
.
ML models can be trained to recognize complex patterns, making them suitable for
detecting abnormal activities in a network, identifying malware, preventing fraud,
and even predicting cyber-attacks before they occur.
7
The inherent capability of machine learning to handle large datasets, uncover hidden
patterns, and adjust to new data without human intervention makes it an ideal tool
for modern cybersecurity challenges. In cybersecurity, machine learning algorithms
can be applied to a variety of areas such as intrusion detection, anomaly detection,
malware classification, phishing email detection, and more.

These applications help security systems become more proactive rather than
reactive, enabling quicker responses to potential threats. Despite its promising
advantages, the adoption of machine learning in cybersecurity also brings
challenges, including the need for high-quality, labeled datasets, model
interpretability, adversarial attacks, and concerns over data privacy.
.

8
 CHAPTER - 2
LITERATURE SURVEY

The use of machine learning in cybersecurity is a rapidly evolving field, with

numerous studies and real-world applications exploring its potential. The
following highlights key contributions:

. Anomaly Detection: Machine learning algorithms, particularly unsupervised

learning techniques like clustering and outlier detection, are widely applied in
identifying unusual activities that may indicate a cyber attack. Algorithms such as
K-means clustering, Support Vector Machines (SVM), and Neural Networks have
shown effectiveness in real-time threat detection

[Link] detection

Malware Detection and Classification: ML models, including decision

trees, random forests, and deep learning networks, have been used to classify nd
detect malicious software. By analyzing file metadata and behavior, these models
can differentiate between benign and harmful files.
9
 fig2.2. different types of malware

Phishing Detection: Natural Language Processing (NLP) techniques in ML are

frequently used to detect phishing emails by analyzing the structure and content
of email messages to classify them as legitimate or fraudulent.

Intrusion Detection Systems (IDS): Several studies have implemented

machine learning algorithms to improve IDS. Supervised learning methods such
as Logistic Regression and K-Nearest Neighbors (KNN) are widely adopted for
detecting network-based intrusions. Adversarial

Machine Learning: One of the challenges in cybersecurity using ML is the

ability of adversaries to manipulate models. Researchers have developed
methods to make ML models more resilient to adversarial attacks by enhancing
their robustness and interpretability.
Model Interpretability: Many machine learning models, especially deep
learning models, are often considered "black boxes" because their decisionmaking
process is not transparent. This lack of interpretability makes it difficult to
understand why a particular decision was made, which is critical in security contexts
where the stakes are high. Explainable AI (XAI) is an area of ongoing research
aimed at improving the transparency and interpretability of machine learning
models.
10
Adversarial Attacks: One of the critical challenges when using machine learning
for cybersecurity is the vulnerability of models to adversarial attacks. These
attacks involve manipulating input data in subtle ways to deceive machine
learning algorithms into making incorrect predictions. Research has shown that
even minor changes to network traffic, such as modifying packets, can mislead an
IDS trained with machine learning. Studies like those by Goodfellow et al. (2015)
have highlighted the need to develop robust models capable of resisting such
attacks.

Data Privacy and Security: Machine learning models require vast amounts of
data to be trained effectively. In cybersecurity, this data is often sensitive, and
using it raises concerns about privacy and compliance with regulations such as
GDPR (General Data Protection Regulation). Techniques such as federated
learning, which allows models to be trained on distributed datasets without
sharing the data itself, are being explored as potential solutions to this challenge.
Adversarial Attac

11
 CHAPTER - 3

SOFTWARE REQUIREMENTS SPECIFICATIONS

Software Requirements Specification (SRS) for a Machine Learning (ML)

system in Cybersecurity Operations is crucial to outline both functional and
non-functional requirements. The SRS document typically includes all details
about the system's intended functionality, design constraints, and
performance criteria.

Functional Requirements
1. Data Ingestion: The system shall ingest various types of cyber
security-related data, including network traffic logs, system logs, and threat
intelligence feeds.

2. Data Preprocessing: The system shall preprocess the ingested data,

including cleaning, transforming, and normalizing the data.

3. Machine Learning Model Training: The system shall train machine

learning models using the preprocessed data, including supervised and
unsupervised learning algorithms

.4. Threat Detection: The system shall use the trained machine learning
models to detect cyber threats, including anomalies, malware, and other
types of attacks.

5. Alerting and Notification: The system shall generate alerts and

notifications for detected threats, including sending notifications to security
analysts and incident responders.

6. Model Updating and Maintenance: The system shall update and

maintain the machine learning models, including retraining the models with
new data and updating the model parameters.
Non-Functional Requirements

1. Performance: The system shall detect cyber threats in real-time, with

a maximum latency of 1 second.
12
2. Accuracy: The system shall detect cyber threats with a minimum
accuracy of 95%.
3. Scalability: The system shall scale to handle large volumes of data,
including network traffic logs and system logs.4. Security: The system shall
ensure the confidentiality, integrity, and availability of the data, including
encrypting the data at rest and in transit..
Interface Requirements
1. User Interface: The system shall provide a user-friendly interface for security
analysts and incident responders, including visualizations and dashboards.
2. API Interface: The system shall provide APIs for integrating with other cyber
security systems, including threat intelligence feeds and incident response
platforms.
System Requirements
1. Operating System: The system shall run on a Linux-based operating system
2. Database: The system shall use a relational database management system,
including MySQL or PostgreSQL.
3. Machine Learning Framework: The system shall use a machine learning
framework, including TensorFlow or PyTorch.
Testing Requirements
1. Unit Testing: The system shall undergo unit testing to ensure the correctness
of the individual components.
2. Integration Testing: The system shall undergo integration testing to ensure
the correctness of the integrated components.
3. System Testing: The system shall undergo system testing to ensure the
correctness of the entire system.

13
 Cyber security operations for machine learning Data Collection
1. Network Traffic Logs: Collect network traffic logs to analyze patterns and
anomalies.
2. System Logs: Collect system logs to analyze system events and errors.
3. Threat Intelligence Feeds: Collect threat intelligence feeds to stay up-to-
date on emerging threats.
Data Preprocessing
1. Data Cleaning: Clean the data by removing duplicates, handling missing
values, and normalizing the data.
2. Data Transformation: Transform the data into a format suitable for
machine learning algorithms.
3. Data Reduction: Reduce the dimensionality of the data using techniques
such as PCA or t-SNE
Machine Learning Model Training
1. Supervised Learning: Train supervised machine learning models using
labeled data to detect known threats.
2. Unsupervised Learning: Train unsupervised machine learning models using
unlabeled data to detect unknown threats
3. Deep Learning: Train deep learning models using large datasets to detect
complex threats.
Threat Detection and Response
1. Threat Detection: Use the deployed machine learning models to detect
threats in real-time.
2. Alerting and Notification: Generate alerts and notifications for detected
threats.
3. Incident Response: Respond to detected threats using incident response
playbooks.
Continuous Improvement
1. Model Updates: Update the machine learning models with new data and
threat intelligence.

2. Model Tuning: Tune the machine learning models to improve their _performance_
14
 CHAPTER-4
Architecture/conceptual design

Machine Learning in Cybersecurity operations is an interesting topic, and it has

been influenced by the computerization of many different application domains,

including e-commerce platforms such as banking business, medicine, and many

other crucial fields . A critical problem is to recognize the different network

assaults, especially those that have never been encountered before. The

architectural framework shows that the machine is built using a bottom-up

clustering technique; it gathers information, patterns, and sequences before

gradually combining them into sizable clusters.

According to such procedures, clusters are created by joining existing

clusters that are close together. Using the KNN rule, the target knowledge

is searched for and compared to a set of predefined rules and sequences

and the algorithm compares the target data at first with the network’s

historical behavior and a set of trained tagged data that contain information

on damaging data to the system. The main goal here is to create a system

that examines common network trends and behavior and gradually learn

to distinguish between regular risks and typical data

15
 fig4.1: Architectural/block diagram

This network system was built for 'Host-based intrusion detection’, we frequently

keep an eye on host logs. It can record incursions in terms of frequently

occurring patterns, very effective attacks, or network node vulnerabilities, these

nodes Include all types and forms of computational devices Here, we create a

misuse detection version using, he MLP algorithm.

16
Here, we create a misuse detection version using the MLP algorithm.

A multilayer perceptron is a feedforward variant of an artificial neural

network that examines the known facts and produces outputs that are hard and

fast accurate and correct

fig [Link] of the Architectural Diagram

17
 I rtput Data (Sou<c« packet%)

There is an excessive level of false alarms in anomaly detection. To deal with such

issues, reinforcement learning is used, where the network is trained to make

decisions and identify potential risks. This device uses a reinforcement signal that is

sent to the fusion center using the environment to alter the weights defining each

agent’s selection capability and the weights expressing their trust in making

decisions in person. The computer no longer wants to waste resources responding to

a false threat thanks to this algorithm's reduction in the number of false alarms
.
[Link] Solutions for Machine Learning to Boost Cybersecurity

A developer must comprehend the function that machine learning and deep learning

play in cybersecurity. You may create cutting-edge, reliable security software by

using machine learning ML model operations. But first, you must be familiar with

the procedures and tools that will aid in the creation of ML models. Additionally,

effective model management is necessary for success. One can manage the model

registry and obtain good results from it by doing this.

1. Closing the Skills Gap In Cybersecurity:

Different types of businesses are becoming increasingly concerned about

cybersecurity. In the current insecure digital environment, no one can feel secure or

unaffected by attacks. This has forced businesses to hire more cybersecurity

specialists to improve their ability to defend against complex attacks.

18
2. Supports Task Automation:

Daily responsibilities that never seem to end are handled by security personnel and

business owners. The primary drawback is that the majority of these duties are

repetitive. They are being compelled by this to investigate alternate options like

automation, which developers like you can assist them in putting into practice. Each

firm can benefit from machine learning. As a developer, you ought to encourage

automating operations with machine learning and developing models to streamline

procedures because:

I. Simple malware detection

II. Analyze threats to a specific vulnerability quickly
III. Facilitate the work of security personnel.
IV. Accelerates the identification and reaction to threats

3. Facilitates the detection and classification of threats:

This is a crucial stage in any network's security. Large data sets are ideal for machine

and deep learning analysis. It can benefit a company by:

I. Recognize harmful behavior and act immediately to address it.

II. Utilize signs from its database to find persistent security concerns.
4. Inhibits phishing:
One of the prevalent attack methods being utilized by cybercriminals is phishing. By

educating employees about phishing, businesses may stop it from happening. The

knowledge they gain from training can then be applied to spot phishing emails,

links, and websites.

19
5. Endpoint Security:

Keeping an organization's endpoints contained is one of the best ways to keep it safe

. A company may be exposed to a sizable number of threats because of infected

hosts, endpoints, and devices. A corporation requires machine learning since it can

aid with endpoint protection.

6. Contributes to Network Risk Scoring:

Network analysis aids organizations in future assault prevention. A business can

dedicate additional resources to secure the network's weak points if it is aware of

them. The best course of action is to assess previous dangers and pinpoint the

openings that intruders used to access the network.

[Link] Human Contact:

The way that people interact with technology is a crucial consideration when trying

to secure a company network. In actuality, technology will never be able to fully

replace people. It can only improve human performance and increase production in

less time and at a cheaper cost

.
Proposed architecture

Using the KNN rule, searching for and comparing the target information to a set of

established rules and sequences . This paper is an improvement on Vivek et al,

algorithm that relates the target data at first with the network's historical behavior
and a set of trained tagged data that contain information on damaging data to the
system. The main goal here is to create a system that examines common
network rends and behavior and gradually learns to differentiate between
regular risks and typical data by using other machine learning algorithms
alongside KNN such as SVM, Neural Networks, Decision Trees, and
Ensemble learning such as Random Forest and Max voting to further analyze the
results of the machine learning. We frequently check host logs for host-based
intrusion detection. It can record incursions in terms of characteristics, very
effective attacks, or device vulnerabilities.

fig 4.3: Proposed Architecture for Cyber-attack/security using

Machine and Ensemble Learning

21
 CHAPTER-5
APPLICATION
Here, the cybersecurity model's preventive phase comprises defenders' attempts to

find and patch vulnerabilities to thwart potential threats. It has long been an aim to

create tools that can automatically find and address new vulnerabilities, but machine

learning has only recently proven to be a practical way to do this.

PREVENTION DETECTION

UNDERLYING TRANSFORMATIVE
CYBERSECURITY SIGNIFICANCE OF
TECHNOLOGY OF NEW TASK POTENTIAL OF
TASK Al APPLICATIONS NEW Al

Fuzzing Deep Learning High Medium-High

Pentesting Reinforcement High Medium-High

Learning
Bug Triage and NLR Traditional Ml Medium Medium
Classification Methods
Vulnerability Severity NLP, Traditional ML Medium Medium-Low
Assessment Methods

Fig 5.1: Machine Learning for Prevention of Vulnerabilities

PREVENTION DETECTION

UNDERLYING
CYBERSECURITY SIGNIFICANCE OF TRANSFORMATIVE
TECHNOLOGY OF NEW
TASK TASK POTENTIAL OF NEW Al
Al APPLICATIONS

Accurate Detection Deep Learning High Low

Alert Prioritization Deep Learning Medium-High Medium

GANs Medium-High Medium-Low

Adversarial
Hardening of
Detection Systems

Fig 5.2: Machine Learning for Detection of vulnerabilities

22
 Due to the cyber threat environment, it is necessary to continuously track and

correlate the ever-changing external and internal data points across the infrastructure

and users of a business. It is just not practical to manage this amount of information

with just a small group of people. This is where machine learning excels since it can

rapidly analyze huge data sets to find patterns and predict threats. By continuously

observing network behavior for anomalies, machine learning detects threats. Machine

learning engines quickly process massive amounts of data to uncover noteworthy

situations. These methods enable the detection of unknown malware, insider risks,

and policy violations. The primary application area where deep learning and more

recent ML techniques are seen to be potentially disruptive forces is detection, at least

among many public-facing sites.

Unfortunately, machine learning has not yet produced the game-changing innovations

that many had hoped for. Even if sufficiently large models, especially at sufficiently

large scales, do tend to perform marginally better than simpler models, these gains are

occasionally offset by the increasing number of risks that the majority of organizations

must contend with.

The main line is that many cybersecurity organizations still heavily rely on simpler

models today, despite the crucial role that deep learning has played in the Machine

Learning advancements of the last half-decade. Online "bad neighborhoods" can be

23
anticipated by machine learning to assist in preventing users from connecting to

dangerous websites To automatically detect attack infrastructures prepared for

While ML-driven detection systems are the subject of extensive research, more

ambitious suggestions envision AI systems that could one day move around

networks on their own, repairing holes and engaging in dynamic defense

against attackers. existing and emerging threats, machine learning monitors

Internet traffic

fig 5.3: Machine Learning Application for Recovery and Response in

time of vulnerabilities

24
 CHAPTER - 6

CONCLUSION

It is concluded that the fact that Machine Language has a significant impact on

cyber security operations, the systems used in carrying out these operations are still

susceptible to various sorts of attack that do not apply to other types of detection

systems and this is a major drawback of Machine Learning- based detection that is

occasionally disregarded in popular coverage. Attackers frequently find "adversarial

examples" i.e. slightly altered inputs that dramatically alter a model's response

despite being undetectable to a human, because the process by which many

Machine Learning ML systems reach decisions can frequently be poorly

understood and highly sensitive to small changes that a human analyst would

view as trivial. The usage of Machine Learning models also creates additional

attack vectors; in addition to maintaining the model's security, defenders must

ensure that their data is not contaminated and that the (usually open-source)

algorithms and statistical software are secure. A model architecture is proposed

using more machine learning algorithms and ensemble learning methods to check

the performance of the data set.

25
 CHAPTER – 7

FUTURE SCOPE

 Machine learning in cybersecurity operations is still an emerging field with

significant growth potential. Future developments could focus on the following
areas: Autonomous Cyber Defense Systems:

 In the future, machine learning could lead to self-healing networks and

autonomous systems capable of identifying, responding to, and mitigating
cyber threats without human intervention. Explainable AI: One of the barriers
to widespread ML adoption in cybersecurity is the lack of interpretability of
models.

 Future research will likely focus on creating explainable machine learning

models to ensure transparency and accountability in security decisions.

 Cross-Domain Threat Detection: As cyber threats become more sophisticated

and distributed, there will be a need for systems that can detect cross-domain
attacks. ML could be used to correlate information from various sources (e.g.,
network logs, endpoint data) to provide a more comprehensive view of
security threats.

 Collaborative Intelligence: Future cybersecurity operations may rely on

machine learning models that collaborate across organizations or platforms,
sharing insights to improve collective defense mechanisms against emerging
threats.

> Dealing with Data Privacy and Ethics: As machine learning models require
large datasets to train, concerns around data privacy will need to be addressed.
Future models should focus on privacy-preserving techniques like federated
learning to avoid compromising sensitive user data.
26
 CHAPTER - 8
REFERENCES

 Apriorit. (2022, January 27). Implementing Artificial Intelligence and

Machine Learning in Cybersecurity Solutions. Retrieved [Link]:

[Link] blog/474-ai-
 Moustafa, N., & Slay, J. (2015). The evaluation of network traffic using
machine learning algorithms for intrusion detection. Journal of Computer
Science and Technology, 30(1),41-58.
 Soni, P., & Chopra, S. (2018). A comprehensive survey on machine learning
techniques for cyber security. Procedia computer science, 132, 19-26.
 Ahmed, M., Mahmood, A. N., & Hu, J. (2016). A survey of network anomaly
detection techniques. Journal of Network and Computer Applications, 60, 19-31
.
 Alazab, M., & Hobbs, J. (2019). Machine learning for cybersecurity: A
survey. IEEE Access, 7, [Link], M. L., Chen, S. C., & Tu, J. H.
(2007). A novel intrusion detection system based on machine learning
techniques. Journal of Computers, 2(10), 45-56.
 Zhang, Y., & Xu, M. (2020). A survey of machine learning techniques in
malware detection and classification. Journal of Computer Science and
Technology, 35(3), 505520.
 Gupta, A., & Sharma, A. (2017). Phishing detection using machine learning
techniques. Proceedings of the International Conference on Big Data, 145-151
.
 Azeez, N.A.; Salahuddeen, B.B.; Misra, S.; Damasevicius, R.; Maskeliunas, R
Identifying phishing attacks in communication networks using URL consistency
features. Int. J. Electron. Secure. Digit. Forensics 2020, 12, 200213.

27
 Gordon , G., & Matthew , U. (2022, Nov 17). Machine Learning in

Cybersecurity: How It Works and Companies to Know. Retrieved from

Built-in: [Link]

 Hamed , A., Iqbal , S. H., Asra , K., Syed Md. ,H. M., Sheikh, I., & Sohrab

, H. (2020). Cyber Intrusion Detection Using Machine Learning Classification

Techniques. Springer, 1235.

 Ilhan , F. K., Fatih , E., & Abdulkadir , S. (2021). Machine learning

methods for cyber security intrusion detection: Datasets and comparative

study. Elsevier, ScienceDirect, 188.

 Zaib et al. (2020). Applications of Artificial Intelligence and Machine

learning in smart cities. Elsevier ScienceDirect, 313-323

 Zhihan Lv et al. (2021). Deep Learning for Security Problems in 5G

Heterogeneous Networks. IEEE Xplore, 67-73.

28