OPTIMIZING CYBER ATTACK SIMULATION AS A RESPONSE TO ESCALATING SECURITY THREATS USING A MACHINE LEARNING APPROACH

  • Rivaldi Lubis Universitas Mikroskil
  • Apriyanto Halim Universitas Mikroskil
  • Felix Jansen Tanjaya Universitas Mikroskil
  • Tandri Universitas Mikroskil
Keywords: cyber attacks, optimization, machine learning, environmental variability

Abstract

Abstract: The growing intensity of cyber attacks, marked by rapid, large-scale, automated, and adaptive execution, requires analytical methods that represent the diversity of network environments, including variations in target platforms such as IoT, traditional networks, and hybrid infrastructures. This study compares machine learning models for cyber attack classification under heterogeneous environmental conditions and formulates a conceptual optimization framework based on model performance. Four publicly available benchmark datasets were used, namely UNB CIC IoT 2023, UNB CIC IDS-2018, UNSW-NB15, and a Kaggle cyber security attacks dataset, comprising approximately 40,000 to over 3.6 million records and 25 to 80 features across IoT, conventional, and mixed network environments. Random Forest, XGBoost, Multilayer Perceptron, and Transformer were implemented within a unified pipeline involving preprocessing, feature selection, and Bayesian Optimization-based hyperparameter tuning. All models achieved F1-score and Cohen's Kappa above 96%, with XGBoost performing best (97.80%, 97.26%), followed by Random Forest (97.78%, 96.96%) and Transformer (97.44%, 96.82%), while MLP scored lowest (96.74%, 96.00%), a gap below one percentage point. Confusion matrix analysis revealed persistent misclassification in minority and overlapping attack classes, informing a proposed adaptive cyber attack simulation optimization framework.

           
Keywords: cyber attacks; optimization; machine learning; environmental variability.

 

 

Abstrak: Meningkatnya intensitas serangan siber yang berlangsung cepat, masif, otomatis, dan adaptif menuntut pendekatan analitis yang merepresentasikan keragaman lingkungan jaringan, termasuk perbedaan karakteristik platform sasaran seperti Internet of Things (IoT), jaringan konvensional, dan infrastruktur hibrida. Penelitian ini membandingkan model machine learning untuk klasifikasi serangan siber pada kondisi lingkungan heterogen, sekaligus menyusun kerangka optimasi konseptual berdasarkan performa model. Empat dataset benchmark publik digunakan, yaitu UNB CIC IoT 2023, UNB CIC IDS-2018, UNSW-NB15, serta dataset Kaggle cyber security attacks, dengan jumlah data berkisar 40.000 hingga lebih dari 3,6 juta rekaman dan 25 sampai 80 fitur, mewakili lingkungan IoT, konvensional, dan campuran. Random Forest, XGBoost, Multilayer Perceptron, dan Transformer diimplementasikan melalui pipeline terpadu mencakup pra-pemrosesan, seleksi fitur, dan optimasi hyperparameter berbasis Bayesian Optimization. Seluruh model mencapai F1-score dan Cohen's Kappa di atas 96%, dengan XGBoost menunjukkan performa terbaik (97,80%, 97,26%), diikuti Random Forest (97,78%, 96,96%) dan Transformer (97,44%, 96,82%), sementara MLP mencatat skor terendah (96,74%, 96,00%), dengan selisih kurang dari satu poin persentase. Analisis confusion matrix mengungkap misklasifikasi yang konsisten pada kelas minoritas dan serangan dengan karakteristik serupa, yang menjadi dasar kerangka optimasi simulasi serangan siber adaptif yang diusulkan.

 

Kata kunci: serangan siber; optimasi; machine learning; variabilitas lingkungan

References

Z. Bederna and Z. Rajnai, “Analy-sis of the cybersecurity ecosystem in the European Union,” Interna-tional Cybersecurity Law Review, vol. 3, no. 1, pp. 35–49, 2022, doi: 10.1365/s43439-022-00048-9.

M. Czuryk, “Cybersecurity and Protection of Critical Infrastruc-ture,” Studia Iuridica Lublinensia, vol. 32, no. 5, pp. 43–52, 2023, doi: 10.17951/sil.2023.32.5.43-52.

P. B. Rangavittal, “Cybersecurity Threats in the Age of Digital Transformation: Strategies for Mitigation and Resilience,” Inter-national Journal of Science and Research (IJSR), vol. 13, no. 7, pp. 1279–1285, Jul. 2024, doi: 10.21275/SR24721221003.

Check Point Software Technolo-gies, “Cyber Security Report 2024,” 2024. [Online]. Available: https://www.checkpoint.com/resources/report-3854/report–cyber-security-report-2024

B. Fischer, D. Meissner, R. Nyuur, and D. Sarpong, “Guest Editorial: Cyber-Attacks, Strategic Cyber-Foresight, and Security,” IEEE Trans. Eng. Manag., vol. 69, no. 6, pp. 3660–3663, 2022, doi: 10.1109/TEM.2022.3204165.

S. Sharma, S. S. Agrawal, and S. A. Kumar, “Unlocking Cybersecu-rity Horizons: Exploring Cutting-Edge Technologies, Strategies, and Trends in the Dynamic Cyber Threat Landscape,” in 2024 Inter-national Conference on Intelligent Computing and Emerging Com-munication Technologies (ICEC), 2024, pp. 1–6. doi: 10.1109/ICEC59683.2024.10837210.

D. Chapagain, B. Aryal, D. Chhetri, B. Bastakoti, and P. Bhu-sal, “Botnet Technology: A Persis-tent Threat to Digital Infrastruc-ture,” Preprints (Basel)., Dec. 2024, doi: 10.20944/preprin ts202412.0660.v1.

M. Bircan and G. Tuna, “Analysis of Windows Operating Systems in Incident Response Processes in Cyber Wars: Use of Open Source Tools,” in Handbook of Research on War Policies, Strategies, and Cyber Wars, F. Özsungur, Ed., IGI Global Scientific Publishing, 2023, pp. 1–25. doi: 10.4018/978-1-6684-6741-1.ch001.

A. Garg, A. Pandey, N. Sharma, A. Kumar, P. K. Jha, and R. K. Singhal, “An In-Depth Analysis of the Constantly Changing World of Cyber Threats and Defences: Lo-cating the Most Recent Develop-ments,” in 2023 International Conference on Power Energy, En-vironment & Intelligent Control (PEEIC), 2023, pp. 181–186. doi: 10.1109/PEEIC59336.2023.10451963.

D. D. Gemmer, B. H. Meyer, E. R. de Mello, M. Schwarz, M. S. Wangham, and M. Nogueira, “A Scalable Cyber Security Frame-work for the Experimentation of DDoS Attacks of Things,” in NOMS 2023-2023 IEEE/IFIP Network Operations and Man-agement Symposium, 2023, pp. 1–7. doi: 10.1109/NOMS5692 8.2023.10154400.

P. Lachkov, L. Tawalbeh, and S. Bhatt, “Vulnerability Assessment for Applications Security Through Penetration Simulation and Test-ing,” Journal of Web Engineering, vol. 21, no. 07, pp. 2187–2208, Dec. 2022, doi: 10.13052/jwe1 540-9589.2178.

R. Mohammadi, M. M. Hosseini, and R. Bahrami, “Uncovering se-curity vulnerabilities through mul-tiplatform malware analysis,” SE-CURITY AND PRIVACY, vol. 8, no. 1, p. e455, 2024, doi: https://doi.org/10.1002/spy2.455.

J. Aws and L. Fritsch, “Towards AI-powered Cybersecurity Attack Modeling with Simulation Tools: Review of Attack Simulators,” in Advances on P2P, Parallel, Grid, Cloud and Internet Computing, L. Barolli, Ed., Cham: Springer In-ternational Publishing, 2023, pp. 249–257.

Q. Bai, “A Novel Two Step Com-puter Network Attack and Defense Strategy,” in 2024 International Conference on Inventive Computation Technologies (ICICT), 2024, pp. 1360–1367. doi: 10.1109/ICICT60155.2024.10544975.

N. S. Abd, K. Karoui, and M. G. Abdulkareem, “Enhancing the Ac-curacy of Intrusion Detection Sys-tems by Reducing the Rates of False Negatives Through Using XG-boost and Optimization Algo-rithm,” Security and Safety, 2024, doi: 10.1051/sands/2024025.

A. Muragodmath, A. Shaikh, N. Baraker, D. Baligar, and P. Patil, “An Efficient Network Attack De-tection System Using Recurrent Neural Network Models,” in Proceedings of the 2024 5th Inter-national Conference for Emerging Technology (INCET), 2024, pp. 1–5. doi: 10.1109/INCET61516.2024.10593098.

S. A. Ajagbe, J. B. Awotunde, and H. Florez, “Intrusion Detection: A Comparison Study of Machine Learning Models Using Unbal-anced Dataset,” SN Comput. Sci., vol. 5, no. 8, p. 1028, 2024, doi: 10.1007/s42979-024-03369-0.

W. Priatna, I. Sembiring, A. Se-tiawan, and I. Setyawan, “Network Intrusion Detection Using Transformer Models and Natural Language Processing for Enhanced Web Application Attack Detection,” Jurnal Nasional Pendidikan Teknik Informatika: JANAPATI, vol. 13, no. 3, pp. 482–493, Dec. 2024, doi: 10.23887/janapati.v13i3.82462.

C. Aouiche, B. Chen, B. Shen, A. Aouiche, R. K. Singla, and S. Dhelim, “Comprehensive Detec-tion of Known Attacks Using Integrated Datasets,” in 2024 14th International Conference on Infor-mation Science and Technology (ICIST), 2024, pp. 924–929. doi: 10.1109/ICIST63249.2024.10805263.

M. Alharby, “Evaluating machine learning approaches for multiple attack classification with improved computational efficiency in IoT networks,” Sci. Rep., vol. 15, no. 1, p. 39914, 2025, doi: 10.1038/s41598-025-23711-7.

A. AlMajali, L. Al-Abed, K. M. Ahmad Yousef, B. J. Mohd, Z. Samamah, and A. Abu Shhadeh, “Automated Vulnerability Exploi-tation Using Deep Reinforcement Learning,” Applied Sciences, vol. 14, no. 20, 2024, doi: 10.3390/app14209331.

Canadian Institute for Cybersecu-rity University of New Brunswick, “UNB CIC IoT Dataset 2023,” 2023.

Canadian Institute for Cybersecu-rity University of New Brunswick, “UNB CIC IDS-2018 Dataset,” 2018.

University of New South Wales (UNSW) Canberra at ADFA, “UNSW-NB15: Intrusion Detec-tion Evaluation Dataset,” 2017.

TeaminCribo, “Cyber Security At-tacks Dataset,” 2025. [Online]. Available: https://www.kaggle.com/datasets/teamincribo/cyber-security-attacks

R. Purba, R. Lubis, N. Sikana, and G. F. Situmorang, “BERT Model Implementation for Dynamic Sen-timent Analysis of Pertamina on Social Media X,” Engineering Sci-ence Letter, vol. 4, no. 02, pp. 77–82, Aug. 2025, doi: 10.56741/IISTR.esl.001139.

Published
2026-06-30
How to Cite
Lubis, R., Halim, A., Tanjaya, F. J., & Tandri. (2026). OPTIMIZING CYBER ATTACK SIMULATION AS A RESPONSE TO ESCALATING SECURITY THREATS USING A MACHINE LEARNING APPROACH . JURTEKSI (jurnal Teknologi Dan Sistem Informasi), 12(3), 477 - 484. https://doi.org/10.33330/jurteksi.v12i3.4411
Section
Articles