A Data-Driven Machine Learning Framework for Cybersecurity Risk Prediction Using Behavioral and Temporal Features from Email Server Logs
Abstract
This study presents a data-driven machine learning framework for cybersecurity risk prediction using behavioral and temporal features extracted from email server logs. The dataset consists of 955 authentication records, including protocol types, login outcomes, error classifications, timestamps, and spam scores. Initial statistical analysis, comprising descriptive statistics, correlation analysis, and chi-square tests, was conducted to examine relationships among variables and feature relevance. Subsequently, supervised machine learning models, logistic regression, decision trees, and random forests, were implemented to classify cybersecurity risk events. To address class imbalance, the Synthetic Minority Oversampling Technique (SMOTE) was applied. Model performance was evaluated using accuracy, precision, recall, F1-score, and the Area Under the Receiver Operating Characteristic Curve (AUC). Experimental results indicate that the Random Forest model outperformed other models, achieving the highest AUC of 0.84, compared to 0.723 for logistic regression. The findings demonstrate that integrating behavioral and temporal features significantly enhances the detection of cybersecurity threats. This study highlights the effectiveness of ensemble learning methods in capturing complex patterns within log data and provides a robust framework for developing intelligent intrusion detection systems. The proposed approach offers practical implications for improving cybersecurity monitoring and risk prediction in real-world email-based communication environments.
Keywords
Full Text:
PDFReferences
Admass, W. S., Munaye, Y. Y., & Diro, A. A. (2024). Cyber security: State of the art, challenges and future directions. Cyber Security and Applications, 2, 100031. https://doi.org/10.1016/j.csa.2023.100031
Alladi, T., Chamola, V., Sahu, N., & Guizani, M. (2020). Artificial intelligence and blockchain for cybersecurity: A comprehensive survey. IEEE Communications Surveys & Tutorials, 22(4), 3432–3465. https://doi.org/10.1109/COMST.2020.3012460
Alshamrani, A., Myneni, S., Chowdhary, A., & Huang, D. (2024). Machine learning in cybersecurity: Applications, challenges, and future directions. https://doi.org/10.32628/CSEIT24102125
Flick, C., & Worrall, K. (2022). The ethics of creative AI. In The Language of Creative AI (pp. 73–91). Springer. https://doi.org/10.1007/978-3-031-10960-7_5
Gandotra, E., & Gupta, D. (2021). An efficient approach for phishing detection using machine learning. In Multimedia Security (pp. 239–253). Springer. https://doi.org/10.1007/978-981-15-8711-5_12
He, Z. (2025). Machine learning for cybersecurity: A survey of applications. Electronics, 14(23). https://doi.org/10.3390/electronics14234563
Janati, M., & Messaoudi, F. (2025). Intrusion detection system-based network behavior analysis. International Journal of Advanced Computer Science and Applications, 16(3), 793–802. https://doi.org/10.14569/IJACSA.2025.0160378
Kaushik, S. S., et al. (2025). Robust machine learning based intrusion detection system. Scientific Reports, 15, 3970. https://doi.org/10.1038/s41598-025-88286-9
Landauer, M. M., et al. (2020). System log clustering approaches for cyber security applications. Computers & Security, 92, 101739. https://doi.org/10.1016/j.cose.2020.101739
Lu, C., Cao, Y., & Wang, Z. (2024). Research on intrusion detection based on an enhanced random forest algorithm. Applied Sciences, 14(2), 714. https://doi.org/10.3390/app14020714
Ojo, A. O. (2025). A review on the effectiveness of AI in cybersecurity. JKLST, 4(1), 1–12.
Parlanti, T. S., & Catania, C. A. (2025). Temporal analysis framework for intrusion detection systems. arXiv. https://doi.org/10.48550/arXiv.2511.03799
Shrestha, N. (2020). Detecting multicollinearity in regression analysis. American Journal of Applied Mathematics and Statistics, 8(2), 39–42. https://doi.org/10.12691/ajams-8-2-1
Singh, A., et al. (2024). Machine learning-based intrusion detection systems for cybersecurity applications. Alexandria Engineering Journal. https://doi.org/10.1016/j.aej.2024.01.013
Strauss, C., Harr, M. D., & Pieper, T. M. (2025). Analyzing digital communication. Management Review Quarterly, 75(4), 3119–3157. https://doi.org/10.1007/s11301-024-00455-8
Talukder, M. A., et al. (2024). Machine learning-based network intrusion detection. Journal of Big Data, 11, 33. https://doi.org/10.1186/s40537-024-00886-w
Wardana, A. A., et al. (2024). Federated random forest with feature selection for collaborative intrusion detection in IoT. Procedia Computer Science, 246, 20–29. https://doi.org/10.1016/j.procs.2024.09.193
Wu, Y., Zou, B., & Cao, Y. (2024). Deep learning-based intrusion detection models. Journal of Imaging, 10(10), 254. https://doi.org/10.3390/jimaging10100254
Zhang, Y., Chen, X., Li, S., & Wang, L. (2021). A machine learning approach for cybersecurity intrusion detection. IEEE Access, 9, 34567–34578. https://doi.org/10.1109/ACCESS.2021.3051234
DOI: https://doi.org/10.31326/jisa.v9i1.2742
Refbacks
- There are currently no refbacks.
Copyright (c) 2026 Frowin Rabanus Kifaru

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
JOURNAL IDENTITY
Journal Name: JISA (Jurnal Informatika dan Sains)
e-ISSN: 2614-8404, p-ISSN: 2776-3234
Publisher: Program Studi Teknik Informatika Universitas Trilogi
Publication Schedule: June and December
Language: English
APC: The Journal Charges Fees for Publishing
Indexing: EBSCO , DOAJ, Google Scholar, Arsip Relawan Jurnal Indonesia, Directory of Research Journals Indexing, Index Copernicus International, PKP Index, Science and Technology Index (SINTA, S4) , Garuda Index
OAI address: http://trilogi.ac.id/journal/ks/index.php/JISA/oai
Contact: jisa@trilogi.ac.id
Sponsored by: DOI – Digital Object Identifier Crossref, Universitas Trilogi
In Collaboration With: Indonesian Artificial Intelligent Ecosystem(IAIE), Relawan Jurnal Indonesia, Jurnal Teknologi dan Sistem Komputer (JTSiskom)
JISA (Jurnal Informatika dan Sains) is Published by Program Studi Teknik Informatika, Universitas Trilogi under Creative Commons Attribution-ShareAlike 4.0 International License.















