Research Article
Attribution Classification Method of APT Malware in IoT Using Machine Learning Techniques
Table 3
Classification results of each model on each APT organization.
| APT organization | Evaluation | KNN | DT | XGB | SMOTE-RF |
| --- | --- | --- | --- | --- | --- |
| Lazarus group | Precision | 0.791 | 0.750 | 0.800 | 0.845 |
| | Recall | 0.507 | 0.493 | 0.478 | 0.567 |
| | F-score | 0.618 | 0.595 | 0.598 | 0.644 |
| APT28 | Precision | 0.360 | 0.351 | 0.355 | 0.366 |
| | Recall | 0.854 | 0.833 | 0.792 | 0.854 |
| | F-score | 0.506 | 0.494 | 0.490 | 0.513 |
| Operation C-Major | Precision | 0.889 | 0.889 | 0.889 | 0.889 |
| | Recall | 0.828 | 0.828 | 0.828 | 0.828 |
| | F-score | 0.857 | 0.857 | 0.857 | 0.857 |
| APT29 | Precision | 0.937 | 0.938 | 0.912 | 0.968 |
| | Recall | 0.825 | 0.839 | 0.857 | 0.834 |
| | F-score | 0.877 | 0.886 | 0.884 | 0.896 |
| Dropping Elephant | Precision | 0.927 | 0.980 | 0.944 | 0.927 |
| | Recall | 0.836 | 0.836 | 0.836 | 0.836 |
| | F-score | 0.879 | 0.903 | 0.887 | 0.879 |
| Sandworm | Precision | 0.840 | 0.917 | 1.0 | 1.0 |
| | Recall | 0.808 | 0.846 | 0.846 | 0.885 |
| | F-score | 0.824 | 0.880 | 0.917 | 0.939 |
| Naikon | Precision | 0.913 | 0.957 | 0.917 | 0.957 |
| | Recall | 0.700 | 0.733 | 0.733 | 0.733 |
| | F-score | 0.792 | 0.830 | 0.815 | 0.830 |