A machine learning-based project focused on detecting network intrusions using classical models and ensemble learning techniques. The system processes network traffic data, classifies it into normal or anomaly classes, and provides a real-time web interface for prediction and live packet capture.
- Overview
- Dataset
- Tech Stack
- Data Preprocessing
- Models Implemented
- Evaluation Metrics
- Frontend Features
- Live Packet Capture
- Results
- How to Run
- Future Scope
- Contributors
- Contact and Feedback
This project presents a scalable, real-time Network Intrusion Detection System (NIDS) using a blend of machine learning models. We evaluated a wide range of classifiers to detect anomalies in network traffic. Additionally, we developed a web-based frontend to interact with the system, making it accessible and intuitive for end users.
- Name: Network Intrusion Dataset
- Size: ~25,000 rows × 42 columns
- Class Distribution:
  - Normal: 13,449
  - Anomaly: 11,743
- Ratio: 1.15:1 (balanced)
- Python
- Scikit-learn
- XGBoost
- Optuna
- Pandas, NumPy
- Matplotlib / Seaborn (for visualization)
- React.js
- RESTful APIs
- Vercel Deployment
- Label encoding for categorical features (`protocol_type`, `service`, `flag`, `class`)
- Removed:
  - Columns with >50% missing data
  - Low-variance features (only one unique value)
  - Sparse features (>90% zeros)
- Applied `SelectKBest` with `mutual_info_classif` for feature selection
- 80-20 Train-Test split
- Final dataset saved as `train_data.csv` and `test_data.csv`
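The preprocessing steps listed above, sketched as an added example that is not the project's own code. The sample rows are constructed, every column name other than the four categorical ones is hypothetical, and so is `k`. As an assumption of this example, the selector is fitted on the training split only, so held-out rows do not influence which features are kept.

```python
from functools import partial
import numpy as np
import pandas as pd
from sklearn.feature_selection import SelectKBest, mutual_info_classif
from sklearn.model_selection import train_test_split
from sklearn.preprocessing import LabelEncoder

CATEGORICAL = ["protocol_type", "service", "flag", "class"]  # named on the page

def make_sample(n=400, seed=0):
    """Constructed rows for illustration; not the project's dataset."""
    rng = np.random.default_rng(seed)
    label = rng.integers(0, 2, n)
    return pd.DataFrame({
        "protocol_type": rng.choice(["tcp", "udp", "icmp"], n),
        "service": rng.choice(["http", "ftp", "smtp"], n),
        "flag": np.where(label == 1, "S0", "SF"),
        "src_bytes": rng.integers(0, 5000, n) + 4000 * label,
        "mostly_missing": np.where(np.arange(n) % 10 < 7, np.nan, 1.0),  # 70% NaN
        "constant": 0,                                   # one unique value
        "sparse": (np.arange(n) % 20 == 0).astype(int),  # 95% zeros
        "class": np.where(label == 1, "anomaly", "normal"),
    })

def encode(df):
    """Label-encode the categorical columns."""
    df = df.copy()
    for col in CATEGORICAL:
        df[col] = LabelEncoder().fit_transform(df[col])
    return df

def prune(df, label="class"):
    """Drop features that are >50% missing, single-valued, or >90% zeros."""
    feats = df.drop(columns=label)
    feats = feats.loc[:, feats.isna().mean() <= 0.5]
    feats = feats.loc[:, feats.nunique(dropna=False) > 1]
    feats = feats.loc[:, (feats == 0).mean() <= 0.9]
    return feats.join(df[label])

def preprocess(df, k=2, seed=0):
    """Encode, prune, split 80-20, then select k features on the training rows."""
    df = prune(encode(df))
    X, y = df.drop(columns="class"), df["class"]
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.2, random_state=seed, stratify=y)
    score = partial(mutual_info_classif, random_state=seed)
    selector = SelectKBest(score, k=k).fit(X_tr, y_tr)
    kept = list(X.columns[selector.get_support()])
    return X_tr[kept], X_te[kept], y_tr, y_te, kept
```
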
| Type | Algorithms Used |
|---|---|
| Classical Models | Logistic Regression, KNN, Decision Tree, Naive Bayes |
| Ensemble Models | Random Forest, AdaBoost, XGBoost, Voting Classifier |
| SVM Variants | Linear SVM, Non-linear SVM (RBF kernel) |
| Neural Network | Artificial Neural Network (ANN) |
Each model was optimized using GridSearchCV and evaluated on cross-validation folds.
All models were evaluated using:
- Accuracy
- Precision
- Recall
- F1 Score
- Confusion Matrix
Frontend built using React.js and deployed on Vercel. Key features include:
- 🔍 Single Packet Prediction — Enter packet features manually
- 📤 CSV Upload — Upload datasets for bulk classification
- 🌐 Auto-Capture Mode — Analyze real-time packet traffic (backend setup required)
- 📚 History Section — View past predictions (stored in localStorage)
- ℹ️ About Section — Overview of project, team, and usage instructions
We provide a backend script (packetcapture.py) for real-time packet analysis.
- `scapy`
- Admin/root permissions to capture packets
- Run the Python backend locally
- Hit "Start Capture" in the frontend
- Packets from your network interface will be captured, processed, and classified
| Model | Accuracy | Precision | Recall | F1 Score |
|---|---|---|---|---|
| XGBoost | 99.66% | 99.66% | 99.66% | 99.66% |
| Random Forest | 99.50% | 99.50% | 99.50% | 99.50% |
| KNN | 99.36% | 99.50% | 99.50% | 99.50% |
| Decision Tree | 99.44% | 99.44% | 99.44% | 99.44% |
| Non-Linear SVM | 97.14% | 95.24% | 99.59% | 97.39% |
| ANN | 95.87% | 95.87% | 95.87% | 95.87% |
| AdaBoost | 96.59% | 96.59% | 96.59% | 96.59% |
| Bernoulli Naive Bayes | 92.72% | 92.72% | 92.72% | 92.71% |
| Logistic Regression | 88.71% | 88.72% | 88.71% | 88.70% |
| Linear SVM | 89.86% | 85.29% | 97.72% | 91.13% |
```bash
git clone https://github.com/your-username/network-intrusion-detection.git
cd network-intrusion-detection
```

```bash
pip install -r requirements.txt
```

```bash
python app.py
```

```bash
cd frontend
npm install
npm run dev
```

🔧 Make sure to update the backend API URL in your frontend configuration if needed.
- Integrate deep learning models like CNNs or LSTMs for improved anomaly detection.
- Explore newer and more comprehensive datasets like CICIDS2017 or UNSW-NB15.
- Add real-time threat mitigation capabilities and alert systems.
- Deploy in enterprise environments with scalable cloud infrastructure.
- Integrate the system with SIEM (Security Information and Event Management) tools and dashboards.
If you have any suggestions, feedback, or encounter any issues:
- 🐛 Create an Issue
- 📬 Reach out to any contributor via email or GitHub
- 🤝 Feel free to fork the repository and contribute through Pull Requests
Thank you for exploring our project! 🚀