Abstract

Due to the development of advanced identity based attacks and even complex cyber threats, merely possessing defensive cyber security capabilities is not enough today. In this study, we investigate how predictive analytics based machine learning (ML) can be employed for pro-active identity management and threat detection. In this study, the authors assess some models of machine learning – Decision Trees, Random Forests, Support Vector Machines (SVM), and a new hybrid one – to determine which best allows for the detection of both known and unknown threats. The results reveal that in metrics such as accuracy, precision, recall, and F1 score. The hybrid model incorporating both supervised and unsupervised learning approaches scored the highest among other models. As a consequence of its adaptability, the hybrid model is capable of real time dynamic threat detection and anomaly based identity management which makes it an appropriate model for the changing cyber security environment. This study provides the prospects to make proactive cybersecurity more efficient and therefore enhancing the technology for protection systems.