Cardiff Metropolitan University

Advanced Persistent Threat Identification with Boosting and Explainable AI

journal contribution
posted on 2023-03-21, 09:38 authored by Md. Mahadi Hasan, Muhammad Usama Islam, Jasim Uddin

Advanced persistent threat (APT) is a serious concern in cyber-security that has matured and grown over the years with the advent of technology. The main aim of this study is to establish an effective identification model for APT attacks in order to prevent and reduce their influence. Machine learning has the potential, as well as a substantial track record, to detect and predict cyber-security threats including APT. This study utilized several boosting-based machine learning methods to predict various types of APT that recur in the cyber-security domain. Furthermore, Explainable Artificial Intelligence (XAI) was coupled with the predictions to provide actionable insights to domain stakeholders and practitioners. The results, particularly XGBoost with a weighted F1 score of 0.97 and SHapley Additive exPlanations (SHAP)-based explanation, show that boosting methods and machine learning models paired with XAI are indeed promising for handling cyber-security dataset problems, which can be extended towards new avenues of challenging research by effectively deploying boosting-based XAI models.

History

Published in

SN Computer Science

Publisher

Springer

Version

  • VoR (Version of Record)

Citation

Hasan, M.M., Islam, M.U. & Uddin, J. (2023) 'Advanced Persistent Threat Identification with Boosting and Explainable AI', SN Computer Science. 4, 271. https://doi.org/10.1007/s42979-023-01744-x

Electronic ISSN

2661-8907

Cardiff Met Affiliation

  • Cardiff School of Technologies

Cardiff Met Authors

Jasim Uddin

Copyright Holder

  • © The Authors

Language

  • en
