Securing Against Zero-Day Attacks: A Machine Learning Approach for Classification and Organizations’ Perception of its Impact

  • Anietie P. Ekong Akwa Ibom State University, Nigeria
  • Aniebiet Etuk Akwa Ibom State University, Nigeria
  • Saviour Inyang Akwa Ibom State University, Nigeria
  • Mary Ekere-obong Akwa Ibom State University, Nigeria
Keywords: Zero-day Attack, Machine Learning, Data security, Cyber security, Organizations performance


Zero-day malware is a type of malware that exploits system vulnerabilities before it is detected and sealed. This type of malware is a significant threat to enterprise cybersecurity and has tremendous impact on organizations’ performance, as it can spread widely before organizations can clamp down on the threat. Unfortunately, exploit developers can attack system’s vulnerabilities at a pace that is faster than defensive patches. In this research, classification of zero-day attack was carried out. Exploratory Data Analysis (EDA) on malware zero data was conducted. Then feature selection was carried out using Principal Component Analysis (PCA) for the selection of the most important features in the dataset after which a Random Forest (RF) Algorithm was adopted for the classification of zero-day attack.  The impact of such attacks was also analyzed, and results were evaluated using confusion matrix and an accuracy of 95% in the classification of zero-day attack with a class error of 3.8% was obtained. A survey of the perception of the potential impacts of these attacks on organization was also carried out. These results indicate efficiency of machine learning algorithm in the classification of attacks as zero-day malware attacks or not. The research also offered pragmatic insights into the perception by organizations of its potential negative impacts and their eagerness to embrace and prioritize proffered cyber security solution(s) to avoid such attacks in order to avert undesirable consequences.


Download data is not yet available.


D. Nandakumar, R. Schiller, C. Redino, K. Choi, A. Rahman, E. Bowen, M. Vucovich, M. Weeks, and A. Shaha, "Zero Day Threat Detection Using Metric Learning Autoencoders," 2022 21st IEEE International Conference on Machine Learning and Applications (ICMLA), Nassau, Bahamas, 2022, pp. 1318-1325, https://doi: 10.1109/ICMLA55696.2022.00210.

A. Goldsteen, G. Ezov, R. Shmelkin, M. Moffie, and A. Farkash, "Anonymizing machine learning models," in International Workshop on Data Privacy Management, Oct. 2021, pp. 121-136.

F. Abri, S. Siami-Namini, M. A. Khanghah, F. M. Soltani and A. S. Namin, "Can Machine/Deep Learning Classifiers Detect Zero-Day Malware with High Accuracy?," 2019 IEEE International Conference on Big Data (Big Data), Los Angeles, CA, USA, 2019, pp. 3252-3259, https://doi: 10.1109/BigData47090.2019.9006514.

Y. Jung, "A review of privacy-preserving human and human activity recognition," Int. J. Smart Sens. Intell. Syst., vol. 13, no. 1, pp. 1-13, 2020.

A. Etuk, J. Anyadighibe, E. James, and R. Mbaka, "Service quality and passengers' loyalty of public transportation companies," British Journal of Management and Marketing Studies, vol. 4, no. 4, pp. 82-98, 2012.

Y. Guo, "A Survey of Machine Learning-Based Zero-Day Attack Detection: Challenges and Future Directions”, Comput Commun. 198(C), 175–185, 2023, https://doi:10.1016/j.comcom.2022.11.001.

M. Sarhan, S. Layeghy, M.R. Gallagher, M. Portmann, “From zero-shot machine learning to zero-day attack detection.” Int. J. Inf. Secur. 22, pp. 947–959, 2023. [8].

A. Ekong, B. Ekong, A. Edet, “Supervised machine learning model for effective classification of patients with covid-19 symptoms based on bayesian belief network”, Researchers Journal of Science and Technology, vol2: pp. 27 – 33, 2022.

V. C. Victor, C. Ugwu, and O. Laeticia Onyejegbu, "Enhanced Classification Model for Likelihood of Zero-Day Attack Detection and Estimation," European Journal of Electrical Engineering & Computer Science, vol. 5, no. 4, 2021.

S. Ali, S. U. Rehman, A. Imran, G. Adeem, Z. Iqbal, and K.-I. Kim, "Comparative Evaluation of AI-Based Techniques for Zero-Day Attacks Detection," Electronics, vol. 11, no. 23, 2022, Art. no. 3934, https://doi: 10.3390/electronics11233934.

V. T. Victor, C. U. Chidiebere, and O. Laticia, "Comparative Analysis of Dimensionality Reduction Techniques on Datasets for Zero-Day Attack Vulnerability," Journal of Software Engineering and Simulation, vol. 7, no. 8, pp. 48-56, 2021.

J.-Y. Kim, S.-J. Bu, and S.-B. Cho, "Zero-day malware detection using transferred generative adversarial networks based on deep autoencoders," Information Sciences, vol. 460, pp. 83-102, 2018.

A. Ekong, E. Udo, O. Ekong, and S. Inyang, "Machine Learning based Model for the Prediction of Fasting Blood Sugar Level towards Cardiovascular Disease Control for the Enhancement of Public Health," International Journal of Computer Applications, vol. 975, pp. 8887.

D. Feaster (2018). Malware Detection. Kaggle. [Online]. Available:

Verywell Mind. "The Algorithm Problem Solving Approach in PsychologyVerywellMind."[Online].Available: Accessed on: Aug. 24, 2023.

S. S. Raut and S. S. Kulkarni, "Random Forest Modeling for Network Intrusion Detection System," in Procedia Computer Science, vol. 89, pp. 797-803, 2016, doi: 10.1016/j.procs.2016.06.103.

Abstract views: 60 times
Download PDF: 43 times
How to Cite
Ekong, A., Etuk, A., Inyang, S., & Ekere-obong, M. (2023). Securing Against Zero-Day Attacks: A Machine Learning Approach for Classification and Organizations’ Perception of its Impact. Journal of Information Systems and Informatics, 5(3), 1123-1140.