Table 11 Machine learning performance for threat detection in BlockIntelChain, showing model accuracy, precision, recall, F1-score, and training time for various threat categories, highlighting the efficacy of federated learning and specialized ML pipelines in identifying cyber threats.
From: BlockIntelChain: a blockchain-based cyber threat intelligence sharing architecture
ML model | Accuracy (%) | Precision (%) | Recall (%) | F1-Score | Training time (hrs) |
|---|---|---|---|---|---|
Malware classification | 96.4 | 95.8 | 97.1 | 0.964 | 2.3 |
Phishing detection | 94.7 | 93.2 | 96.3 | 0.947 | 1.8 |
Botnet identification | 93.1 | 92.6 | 93.7 | 0.932 | 3.1 |
APT detection | 91.8 | 90.4 | 93.3 | 0.917 | 4.2 |
Network anomaly detection | 95.2 | 94.6 | 95.8 | 0.952 | 1.5 |
Behavioral analysis | 89.7 | 88.3 | 91.2 | 0.896 | 5.7 |
Attack pattern recognition | 92.5 | 91.9 | 93.1 | 0.925 | 2.9 |
Federated learning model | 94.8 | 93.7 | 95.9 | 0.948 | 3.6 |
Centralized baseline | 93.2 | 92.1 | 94.3 | 0.932 | 2.1 |
