Skip to content

AnkurRay25/Network-Intrusion-Detection-System

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Intrusion Detection Using Machine Learning and Deep Learning

Overview

Cybersecurity threats continue to grow in complexity, making intelligent intrusion detection systems essential for protecting modern networks. This project presents a Machine Learning and Deep Learning-based Intrusion Detection System (IDS) designed to identify malicious network activities and classify network traffic as either normal or attack traffic.

The project utilizes advanced data preprocessing, feature engineering, Principal Component Analysis (PCA), multiple Machine Learning algorithms, and Deep Neural Networks to enhance cybersecurity threat detection and network monitoring.


Key Features

  • Network Intrusion Detection System (IDS)
  • Binary Classification of Network Traffic
  • Principal Component Analysis (PCA)
  • Machine Learning Model Comparison
  • Deep Learning-Based Threat Detection
  • Data Visualization and Performance Analysis
  • Cybersecurity Analytics

Dataset

NSL-KDD Dataset

This project uses the NSL-KDD dataset, a benchmark dataset widely used in intrusion detection and cybersecurity research.

Dataset Characteristics

  • Network Traffic Records
  • Normal and Attack Classes
  • Multiple Network Features
  • Cybersecurity Benchmark Dataset
  • Suitable for Machine Learning and Deep Learning Applications

Technologies Used

Programming Language

  • Python

Machine Learning

  • Scikit-Learn
  • XGBoost

Deep Learning

  • TensorFlow
  • Keras

Data Analysis & Visualization

  • NumPy
  • Pandas
  • Matplotlib
  • Seaborn

Data Preprocessing

The following preprocessing techniques were applied:

  • Data Cleaning
  • Feature Engineering
  • Label Encoding
  • RobustScaler Normalization
  • Train-Test Split
  • Data Transformation

Feature Reduction

Principal Component Analysis (PCA)

PCA was applied to reduce dimensionality and improve computational efficiency while retaining the most important information from the dataset.

Benefits include:

  • Reduced Feature Space
  • Faster Training Time
  • Improved Model Generalization
  • Reduced Noise and Redundancy

Machine Learning Models

The project evaluates multiple Machine Learning algorithms:

Logistic Regression

Linear classification model for intrusion detection.

K-Nearest Neighbors (KNN)

Distance-based classification algorithm.

Gaussian Naive Bayes

Probabilistic classifier based on Bayes' theorem.

Linear Support Vector Classifier (Linear SVC)

Margin-based classification model.

Decision Tree

Tree-based attack classification model.

Random Forest

Ensemble learning model using multiple decision trees.

XGBoost

Advanced gradient boosting framework for high-performance predictive modeling.


Deep Learning Model

Artificial Neural Network (ANN)

The Deep Learning architecture includes:

  • Dense Layers
  • ReLU Activation Functions
  • Dropout Layers
  • Binary Output Layer

The model is designed to learn complex patterns in network traffic and improve attack detection performance.


Workflow

  1. Data Collection
  2. Data Preprocessing
  3. Feature Engineering
  4. PCA Feature Reduction
  5. Train-Test Split
  6. Machine Learning Model Training
  7. Deep Learning Model Training
  8. Performance Evaluation
  9. Model Comparison

Evaluation Metrics

The models were evaluated using:

  • Accuracy
  • Precision
  • Recall
  • F1 Score
  • Mean Squared Error (MSE)
  • Confusion Matrix

Visualizations

The project includes:

  • Class Distribution Analysis
  • Feature Importance Analysis
  • PCA Visualization
  • Decision Tree Visualization
  • Training Accuracy Curves
  • Validation Accuracy Curves
  • Training Loss Curves
  • Model Performance Comparison

Applications

  • Network Security Monitoring
  • Cyber Threat Detection
  • Security Operations Centers (SOC)
  • Enterprise Cybersecurity Systems
  • Anomaly Detection Systems
  • Intelligent Network Defense

Future Enhancements

  • Real-Time Intrusion Detection
  • Explainable AI (XAI) for Cybersecurity
  • Cloud-Based Deployment
  • Zero-Day Attack Detection
  • Advanced Deep Learning Architectures
  • Federated Learning for Cybersecurity

Repository Structure

intrusion-detection-using-ml-and-dl/

├── Intrusion_Detection_System.ipynb
├── README.md
├── requirements.txt
│
├── images/
│   ├── pca_visualization.png
│   ├── confusion_matrix.png
│   ├── model_comparison.png
│   └── training_curves.png
│
└── dataset/

Author

Ankur Ray Chayan

Machine Learning Researcher | Embedded Systems Researcher

Research Interests

  • Artificial Intelligence
  • Deep Learning
  • Explainable AI
  • Cybersecurity Analytics
  • Computer Vision
  • Network Security

GitHub: https://github.com/AnkurRay25


License

This project is licensed under the MIT License.


About

Machine learning and deep learning based network intrusion detection system using the NSL-KDD dataset, PCA feature reduction, and multiple classification algorithms for cybersecurity threat detection.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors