TY - GEN
T1 - Adaptive Cyber-Attack Detection and Mitigation in ATM Networks Using Network Motif Discovery, Machine Learning, SMOTE, and Hybrid Whitelisting-Blacklisting Strategies
AU - Nkrumah, Ivy Payne
AU - Sowah, Robert A.
AU - Okae, Percy
N1 - Publisher Copyright: © 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - As cyber threats continue to evolve in sophistication and scale, the need for robust and adaptive security mechanisms becomes increasingly critical, particularly for critical infrastructures such as ATM networks. This research explores innovative methodologies for detecting and mitigating cyber-attacks through the use of network motif discovery and machine learning (ML) techniques. The study focuses on applying graph-based algorithms to identify recurrent subgraph patterns (motifs) in network traffic, enabling the detection of novel attack behaviors. To address the challenge of class imbalance in network traffic data, the Synthetic Minority Over-sampling Technique (SMOTE) is employed to generate synthetic samples for underrepresented attack classes, thereby improving classifier performance. Additionally, a novel hybrid approach that combines whitelisting and blacklisting strategies is proposed for effective attack mitigation. The proposed methodology is evaluated using real-world network traffic data, with performance metrics such as accuracy, precision, recall, F1-score, and ROC AUC to assess the system's effectiveness. The results reveal that the model achieves a perfect accuracy of 1.00, with precision, recall, and F1-scores of 1.00 for both normal and attack traffic. The confusion matrix confirms zero false positives and false negatives, while the hybrid whitelisting/blacklisting strategy enhances the system's robustness in real-time attack detection and mitigation. This research contributes to the field of cybersecurity by providing a scalable and adaptive solution for real-time attack detection in dynamic network environments, offering substantial potential for securing critical infrastructure systems such as ATMs.
KW - SMOTE
KW - cyber-attack
KW - machine learning
KW - motifs
KW - whitelisting-blacklisting
UR - https://www.scopus.com/pages/publications/105035591761
U2 - 10.1109/FICAC65757.2025.11341885
DO - 10.1109/FICAC65757.2025.11341885
M3 - Conference contribution
AN - SCOPUS:105035591761
T3 - 2025 1st Future International Conference on Artificial Intelligence and Cybersecurity, FICAC 2025
SP - 22
EP - 31
BT - 2025 1st Future International Conference on Artificial Intelligence and Cybersecurity, FICAC 2025
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2025 1st Future International Conference on Artificial Intelligence and Cybersecurity, FICAC 2025
Y2 - 5 November 2025 through 6 November 2025
ER -