Cybersecurity threats have become increasingly complex, coordinated, and adaptive, creating significant challenges for traditional intrusion detection systems (IDS) that rely on static, signature-based mechanisms. These systems often fail to recognize novel, evolving, or multi-vector attacks that do not match predefined patterns. To overcome these limitations, this study proposes a data-driven framework that applies the Frequent Pattern Growth (FP-Growth) algorithm to analyze co-occurring events within network traffic logs. Using the CIC-IDS2017 benchmark dataset, which includes a wide range of real-world attack scenarios, network events were preprocessed and transformed into transactional data. This transformation enabled the efficient extraction of frequent itemsets and association rules without the computational burden of candidate generation. The experimental results show that the proposed method effectively uncovers meaningful attack correlations, such as brute force attempts preceding privilege escalation or malware infections leading to large-scale DDoS attacks. The model achieved a precision of 77.27%, recall of 70.83%, and F1-score of 73.91%, confirming its reliability in detecting sophisticated attack chains. A heatmap visualization was also generated to improve interpretability, allowing security analysts to quickly identify critical attack relationships. In conclusion, this research demonstrates that FP-Growth provides a scalable, interpretable, and computationally efficient approach to cyberattack detection, with potential integration into real-time IDS environments. Future work will focus on temporal sequence mining and hybrid models combining FP-Growth with machine learning to enhance adaptive, context-aware threat detection.
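As an added illustration (not the study's code or data), the sketch below turns per-host event windows into transactions, mines frequent itemsets with a small FP-Growth implementation, and derives association rules from them. The transactions, event labels and thresholds are constructed assumptions, and tree nodes store their prefix path instead of parent pointers to keep the code short.

```python
from collections import Counter, defaultdict

# Constructed sample: each transaction is the set of event labels seen for one
# source host in one time window (illustrative labels, not CIC-IDS2017 rows).
TRANSACTIONS = [
    {"ssh_bruteforce", "priv_escalation", "port_scan"}, {"ssh_bruteforce", "priv_escalation"},
    {"ssh_bruteforce", "port_scan"}, {"bot_infection", "ddos"},
    {"bot_infection", "ddos", "port_scan"}, {"ssh_bruteforce", "priv_escalation", "bot_infection"},
    {"port_scan"}, {"bot_infection", "ddos"},
]

class Node:
    def __init__(self, prefix):  # prefix = items on the path from the root to this node
        self.prefix, self.count, self.children = prefix, 0, {}

def build_tree(weighted, min_count):
    """Build an FP-tree from (items, weight) pairs; return (header table, frequent item counts)."""
    counts = Counter()
    for items, w in weighted:
        counts.update(dict.fromkeys(items, w))
    keep = {i: c for i, c in counts.items() if c >= min_count}
    root, header = Node(()), defaultdict(list)
    for items, w in weighted:
        node = root
        for i in sorted((i for i in items if i in keep), key=lambda i: (-keep[i], i)):
            if i not in node.children:
                node.children[i] = Node(node.prefix + (i,))
                header[i].append(node.children[i])
            node = node.children[i]
            node.count += w
    return header, keep

def fp_growth(weighted, min_count, suffix=frozenset()):
    """Return {itemset: support count} by recursing on each item's conditional pattern base."""
    header, keep = build_tree(weighted, min_count)
    found = {}
    for item, nodes in header.items():
        found[suffix | {item}] = keep[item]
        base = [(n.prefix[:-1], n.count) for n in nodes]  # paths above each `item` node
        found.update(fp_growth(base, min_count, suffix | {item}))
    return found

def rules(freq, min_conf):
    """Association rules (A, y, confidence) with confidence = support(A + y) / support(A)."""
    return [(s - {y}, y, c / freq[s - {y}]) for s, c in freq.items() if len(s) > 1
            for y in s if c / freq[s - {y}] >= min_conf]

FREQ = fp_growth([(t, 1) for t in TRANSACTIONS], min_count=3)
RULES = rules(FREQ, min_conf=0.75)
```

Confidence here measures co-occurrence within a window, not ordering, so a rule's direction does not by itself show which event came first.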
Copyrights © 2025