ABSTRACT
The advanced persistent threat (APT) is an ever-growing issue in cybersecurity, and its emergence and evolution have gone hand in hand with technological advancement. This study describes an approach to identifying Advanced Persistent Threats (APTs) based on the 42 (numerical and categorical) features present in the UNSW-NB15 dataset. Exploratory Data Analysis (EDA) was carried out to understand the correlation among features and the class distribution, followed by data preprocessing: cleaning and standardization, outlier removal, and class balancing with SMOTE. Two models, a Decision Tree (DT) and a Convolutional Neural Network (CNN), were trained and assessed. The experimental results show that the CNN model clearly outperforms the other baseline models, including ANN, SVM, and RF: the CNN achieves an F1-score of 98.92, a recall of 99.14, a precision of 98.71, and an accuracy of 98.85. By contrast, the DT classifier reached an accuracy of 95.84, with an F1-score of 96.12 and precision and recall values that vary little from it. The CNN also obtained an AUC of 0.9990, indicating that it separates normal and attack traffic very well. Although the CNN performs better because it can capture intricate and nuanced patterns, the DT model is easy to interpret and deploy. Overall, the results demonstrate the superiority of CNN-based deep learning (DL) in identifying advanced and evasive APTs, as well as the supporting role of interpretable models such as DT in cybersecurity defense processes.
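The abstract names the preprocessing and evaluation steps (standardization, SMOTE class balancing, accuracy/precision/recall/F1 and AUC) without showing how they are computed. The block below is an added illustration, not the paper's code and not derived from its UNSW-NB15 experiments: it implements a simplified SMOTE, z-score standardization and the four classification metrics plus a rank-based ROC AUC in plain Python on a small constructed dataset, so the reader can see exactly what each reported number measures. The feature rows, labels and scores are constructed here for illustration.

```python
"""Added example (not from the paper): class balancing with a simplified
SMOTE, z-score standardization, and the metrics quoted in the abstract.
All data below is constructed for illustration, not UNSW-NB15 rows."""
import random
from typing import Dict, List, Sequence, Tuple

Row = List[float]


def standardize(rows: Sequence[Row]) -> List[Row]:
    """Column-wise z-score standardization: (x - mean) / std per feature.
    A constant column (std == 0) is mapped to 0.0 instead of dividing by zero."""
    n = len(rows)
    cols = len(rows[0])
    means = [sum(r[j] for r in rows) / n for j in range(cols)]
    stds = [(sum((r[j] - means[j]) ** 2 for r in rows) / n) ** 0.5 for j in range(cols)]
    return [[(r[j] - means[j]) / stds[j] if stds[j] else 0.0 for j in range(cols)]
            for r in rows]


def smote(minority: Sequence[Row], n_new: int, k: int = 3, seed: int = 0) -> List[Row]:
    """Simplified SMOTE: each synthetic sample is a random point on the segment
    between a minority sample and one of its k nearest minority neighbours."""
    if len(minority) < 2:
        raise ValueError("SMOTE needs at least two minority samples")
    rng = random.Random(seed)
    k = min(k, len(minority) - 1)
    synthetic: List[Row] = []
    for _ in range(n_new):
        base = rng.choice(minority)
        others = [p for p in minority if p is not base]
        # nearest neighbours by squared Euclidean distance in feature space
        others.sort(key=lambda p: sum((a - b) ** 2 for a, b in zip(p, base)))
        neighbour = rng.choice(others[:k])
        lam = rng.random()  # interpolation factor in [0, 1)
        synthetic.append([a + lam * (b - a) for a, b in zip(base, neighbour)])
    return synthetic


def balance_with_smote(X: Sequence[Row], y: Sequence[int], seed: int = 0) -> Tuple[List[Row], List[int]]:
    """Oversample the minority class (label 1 = attack) until it matches the majority."""
    pos = [x for x, label in zip(X, y) if label == 1]
    neg = [x for x, label in zip(X, y) if label == 0]
    minority, majority, min_label, maj_label = (pos, neg, 1, 0) if len(pos) < len(neg) else (neg, pos, 0, 1)
    extra = smote(minority, len(majority) - len(minority), seed=seed)
    X_out = list(majority) + list(minority) + extra
    y_out = [maj_label] * len(majority) + [min_label] * (len(minority) + len(extra))
    return X_out, y_out


def confusion(y_true: Sequence[int], y_pred: Sequence[int]) -> Tuple[int, int, int, int]:
    """Return (tp, fp, fn, tn) treating label 1 as the positive (attack) class."""
    tp = sum(1 for t, p in zip(y_true, y_pred) if t == 1 and p == 1)
    fp = sum(1 for t, p in zip(y_true, y_pred) if t == 0 and p == 1)
    fn = sum(1 for t, p in zip(y_true, y_pred) if t == 1 and p == 0)
    tn = sum(1 for t, p in zip(y_true, y_pred) if t == 0 and p == 0)
    return tp, fp, fn, tn


def metrics(y_true: Sequence[int], y_pred: Sequence[int]) -> Dict[str, float]:
    """Accuracy, precision, recall and F1 as fractions in [0, 1]; the abstract
    reports the same quantities multiplied by 100."""
    tp, fp, fn, tn = confusion(y_true, y_pred)
    total = tp + fp + fn + tn
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return {"accuracy": (tp + tn) / total, "precision": precision,
            "recall": recall, "f1": f1}


def auc(y_true: Sequence[int], scores: Sequence[float]) -> float:
    """ROC AUC via the rank statistic: the probability that a random attack
    sample scores higher than a random normal sample (ties count one half)."""
    pos = [s for t, s in zip(y_true, scores) if t == 1]
    neg = [s for t, s in zip(y_true, scores) if t == 0]
    if not pos or not neg:
        raise ValueError("AUC needs both classes present")
    wins = 0.0
    for p in pos:
        for n in neg:
            wins += 1.0 if p > n else 0.5 if p == n else 0.0
    return wins / (len(pos) * len(neg))


if __name__ == "__main__":
    # Constructed toy data: 6 normal flows and 2 attack flows, 3 features each.
    X = [[10, 200, 1], [12, 210, 1], [9, 190, 1], [11, 205, 1], [10, 198, 1], [13, 215, 1],
         [80, 900, 5], [85, 950, 6]]
    y = [0, 0, 0, 0, 0, 0, 1, 1]
    Xb, yb = balance_with_smote(standardize(X), y)
    print("balanced counts:", yb.count(0), yb.count(1))
    print(metrics([1, 1, 1, 1, 0, 0, 0, 0], [1, 1, 1, 0, 0, 0, 0, 1]))
    print("auc:", auc([1, 1, 0, 0], [0.9, 0.4, 0.6, 0.1]))
```

The metric functions take hard labels, while `auc` takes the model's continuous scores; that is why a model can report a high AUC even when its thresholded accuracy is lower, and why the abstract reports both.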
Share and Cite:
Tamilmani, V., Namburi, V. D., Singh, A. A. S., Maniar, V., Kothamaram, R. R. and Rajendran, D. (2026) Machine-Deep Learning Approaches for Efficient Persistent Threat Identification: A Performance Analysis. Journal of Data Analysis and Information Processing, 14, 171-188. doi: 10.4236/jdaip.2026.142009.