Journal of Computer Engineering & Information Technology, ISSN: 2324-9307


Endpoint Protection of Windows Operating System using Threat Intelligent Cycle

This paper attempts to fill a general knowledge gap by using machine learning within the Threat Intelligence Cycle (TIC) for proper analysis of signature-based and anomaly-based threat detection. It also aims to address the gap in people's awareness of proper security configuration by drawing attention to the threat intelligence cycle and showing the significance of setting those configurations in Windows 10 on Dell and HP laptops and Lenovo ThinkPad within a network. Along with hardening, malicious behavior analysis is essential for discovering vulnerabilities in the private network and protecting against internal threats, and a behavior analysis model is used for this purpose. For this, we used system logs from pfSense alert messages and the CICIDS2017 dataset to build a machine learning model using the XGBoost classifier along with Principal Component Analysis (PCA). The model obtained an accuracy of 99.75%, precision of 0.997, recall of 0.998, and F1 score of 0.997 for PCA 25.
