Paper Title
ANOMALY DETECTION FOR ZERO-DAY EXPLOIT IDENTIFICATION IN NETWORK TRAFFIC USING ISOLATION FOREST
Abstract
Zero-day exploitation embodies a high-risk cyber threat because it uses unpatched vulnerabilities long before those flaws can be addressed, leaving the affected systems exposed. Attackers with malicious intent target unfixed vulnerabilities, making these attacks very prevalent and sometimes devastating, since basic virus protection may not be able to prevent them. A zero-day attack therefore occurs when a vulnerability in an application has been identified before the vendor has had time to patch it. This has created room for cyber attackers whose impact on organizations can include loss of private data, financial losses and system downtime, among others. The increasing use of fog and cloud infrastructures has heightened the dangers posed by zero-day attacks. Among the positive attributes of these distributed systems are increased speed and improved performance through scaling; in increasing performance, however, they also create room for attack. The fast-paced changes in fog and cloud infrastructures also make tracking of threats rather difficult, justifying additional layers of security. It is critical to detect such threats as early as possible in order to prevent severe consequences. In network traffic analysis, machine learning methods are engaged owing to their capability of dealing with high-dimensional datasets.
Keywords - Zero-Day Exploits, Anomaly Detection, Network Traffic Analysis, Isolation Forest, Machine Learning, Cybersecurity, Anomaly Detection Algorithms, Security Threat Analysis.
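The abstract motivates Isolation Forest as an unsupervised detector for anomalous network flows without showing how the algorithm isolates a rare flow. The following added example (not code or data from the paper) implements a minimal Isolation Forest in pure Python after Liu, Ting and Zhou (2008) and runs it over a constructed flow sample: the feature layout `[duration_s, bytes_sent, bytes_received, packets]`, the value ranges and the single bulk-transfer outlier are all assumptions for the demonstration. A point that random axis-parallel splits separate from the rest in very few steps gets a score near 1; points that need as many splits as a typical flow score around 0.5.

```python
"""Minimal Isolation Forest over constructed network-flow feature vectors.
Added illustration: not the paper's implementation or dataset."""
import math
import random

# Assumed feature layout per flow: [duration_s, bytes_sent, bytes_received, packets]
FEATURES = ("duration_s", "bytes_sent", "bytes_received", "packets")
EULER_GAMMA = 0.5772156649


def make_flows(n_normal=200, seed=7):
    """Construct n_normal ordinary client flows plus one flow shaped like a bulk
    outbound transfer. All values are invented for the demo."""
    rng = random.Random(seed)
    normal = [
        [rng.uniform(0.5, 3.0), rng.uniform(400, 6000), rng.uniform(400, 6000), rng.uniform(5, 60)]
        for _ in range(n_normal)
    ]
    outlier = [0.001, 950_000.0, 0.0, 4000.0]  # constructed anomalous flow
    return normal, outlier


def c_factor(n):
    """Expected path length of an unsuccessful BST search over n points; used to
    normalise path lengths into a score."""
    if n <= 1:
        return 0.0
    if n == 2:
        return 1.0
    return 2.0 * (math.log(n - 1) + EULER_GAMMA) - 2.0 * (n - 1) / n


def build_tree(points, depth, max_depth, rng):
    """Split on a random attribute at a random value until points are isolated
    or the depth limit is reached."""
    n = len(points)
    if n <= 1 or depth >= max_depth:
        return {"size": n}
    # Only attributes that still vary inside this node can separate points.
    splittable = []
    for d in range(len(points[0])):
        lo, hi = min(p[d] for p in points), max(p[d] for p in points)
        if lo < hi:
            splittable.append((d, lo, hi))
    if not splittable:
        return {"size": n}  # duplicate points cannot be isolated further
    d, lo, hi = rng.choice(splittable)
    split = rng.uniform(lo, hi)
    return {
        "dim": d,
        "split": split,
        "left": build_tree([p for p in points if p[d] < split], depth + 1, max_depth, rng),
        "right": build_tree([p for p in points if p[d] >= split], depth + 1, max_depth, rng),
    }


def path_length(point, node):
    """Number of splits until `point` reaches a leaf, plus c(leaf size) for
    leaves cut off by the depth limit."""
    depth = 0
    while "dim" in node:
        node = node["left"] if point[node["dim"]] < node["split"] else node["right"]
        depth += 1
    return depth + c_factor(node["size"])


class IsolationForest:
    def __init__(self, n_trees=300, sample_size=256, seed=0):
        self.n_trees, self.sample_size = n_trees, sample_size
        self.rng = random.Random(seed)
        self.trees = []

    def fit(self, data):
        """Unsupervised: builds trees on random subsamples, no labels involved."""
        self.sample_size = min(self.sample_size, len(data))
        max_depth = math.ceil(math.log2(self.sample_size))
        self.trees = [build_tree(self.rng.sample(data, self.sample_size), 0, max_depth, self.rng)
                      for _ in range(self.n_trees)]
        return self

    def score(self, point):
        """Anomaly score in (0, 1): near 1 means isolated in few splits."""
        mean_path = sum(path_length(point, t) for t in self.trees) / self.n_trees
        return 2.0 ** (-mean_path / c_factor(self.sample_size))


def rank_flows(flows, forest):
    """(score, flow) pairs, most anomalous first, for analyst triage."""
    return sorted(((forest.score(f), f) for f in flows), key=lambda s: s[0], reverse=True)


def demo():
    normal, outlier = make_flows()
    forest = IsolationForest().fit(normal + [outlier])
    ranked = rank_flows(normal + [outlier], forest)
    normal_scores = [s for s, f in ranked if f is not outlier]
    return {"top_is_outlier": ranked[0][1] is outlier, "top_score": ranked[0][0],
            "normal_mean": sum(normal_scores) / len(normal_scores), "normal_max": max(normal_scores)}


if __name__ == "__main__":
    r = demo()
    print(f"top-ranked flow is the constructed outlier: {r['top_is_outlier']}")
    print(f"outlier {r['top_score']:.3f}  normal mean {r['normal_mean']:.3f}  normal max {r['normal_max']:.3f}")
```

Two points matter for operational use. The detector never sees labels, which is what makes it applicable to exploits for which no signature exists yet, but the same property means a legitimate rare flow (a scheduled backup, a large software download) scores just as high, so the ranking is a triage queue for an analyst rather than a verdict. And because splits are drawn uniformly across a feature's range, a single huge value stretches that range and makes small-side outliers nearly invisible on that feature; log-scaling byte and packet counts before fitting is the usual remedy.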