Abstract
With the rapid growth in the use of computer networks and the significant expansion of related applications, cybersecurity issues are becoming increasingly relevant. This paper provides an overview of solutions to growing network security problems, followed by the development of a tool for detecting and preventing cyber threats by analyzing network traffic data from the Security Information and Event Management (SIEM) system. Using various machine learning algorithms, including SVM, KNN, Decision Tree, Random Forest, Gaussian Naive Bayes, XGBoost, and neural networks, the study provides accurate traffic classification and identifies potential threats. The neural network increases the accuracy of detecting complex threat models. The study uniquely combines a targeted application in the field of cybersecurity, a comprehensive comparison of models, and practical implementation to obtain accurate data. The results, presented using histograms and tables, show the effectiveness of Random Forest and PCA Random Forest, emphasizing their accurate traffic classification. Finally, the efficacy of diverse experiments conducted on cybersecurity data sets featuring multiple cyber-attack categories is assessed, and the effectiveness of performance metrics such as precision, recall, and accuracy is evaluated. Applying a multi-level approach aligned with the latest trends in machine learning in cybersecurity facilitates swift and precise threat analysis and response, consequently elevating the system's overall effectiveness.