IoT networks have become an increasingly valuable target of malicious attacks due to the increased amount of valuable user data they contain. In response, network intrusion detection systems have been developed to detect suspicious network activity. UNSW-NB15 is an IoT-based network traffic data set with different categories for normal activities and malicious attack behaviors. UNSW-NB15 botnet datasets with IoT sensors' data are used to obtain results that show that the proposed features have the potential characteristics of identifying and classifying normal and malicious activity. Role of ML algorithms is for developing a network forensic system based on network flow identifiers and features that can track suspicious activities of botnets is possible. The ML model metrics using the UNSW-NB15 dataset revealed that ML techniques with flow identifiers can effectively and efficiently detect botnets’ attacks and their tracks.

This is a five-step framework for the development of intrusion detection systems (IDS) using machine learning (ML) considering model realization, and performance evaluation.

The continuing increase of Internet of Things (IoT) based networks have increased the need for Computer networks intrusion detection systems (IDSs). Over the last few years, IDSs for IoT networks have been increasing reliant on machine learning (ML) techniques, algorithms, and models as traditional cybersecurity approaches become less viable for IoT. IDSs that have developed and implemented using machine learning approaches are effective, and accurate in detecting networks attacks with high-performance capabilities. However, the acceptability and trust of these systems may have been hindered due to many of the ML implementations being ‘black boxes’ where human interpretability, transparency, explainability, and logic in prediction outputs is significantly unavailable. The UNSW-NB15 is an IoT-based network traffic data set with classifying normal activities and malicious attack behaviors. Using this dataset, three ML classifiers: Decision Trees, Multi-Layer Perceptrons, and XGBoost, were trained. The ML classifiers and corresponding algorithm for developing a network forensic system based on network flow identifiers and features that can track suspicious activities of botnets proved to be very high-performing based on model performance accuracies. Thereafter, established Explainable AI (XAI) techniques using Scikit-Learn, LIME, ELI5, and SHAP libraries allowed for visualizations of the decision-making frameworks for the three classifiers to increase explainability in classification prediction. The results determined XAI is both feasible and viable as cybersecurity experts and professionals have much to gain with the implementation of traditional ML systems paired with Explainable AI (XAI) techniques.

IoT networks have become an increasingly valuable target of malicious attacks due to the increased amount of valuable user data they contain. In response, network intrusion detection systems have been developed to detect suspicious network activity. UNSW-NB15 is an IoT-based network traffic data set with different categories for normal activities and malicious attack behaviors. UNSW-NB15 botnet datasets with IoT sensors' data are used to obtain results that show that the proposed features have the potential characteristics of identifying and classifying normal and malicious activity. Role of ML algorithms is for developing a network forensic system based on network flow identifiers and features that can track suspicious activities of botnets is possible. The ML model metrics using the UNSW-NB15 dataset revealed that ML techniques with flow identifiers can effectively and efficiently detect botnets’ attacks and their tracks.

As society and technology develop, more and more of our time is spent online, from shopping to socialising, working to banking. Ensuring our safety from malicious actors trying to capitalise on this digitisation is becoming ever more important. One such system that was developed to defend against attacks is a Network Intrusion Detection System (NIDS), a common tool used to detect intrusion attempts. Early adaptions used pre-configured signature detection to recognise attacks. Those early models evolved to use machine learning based anomaly detection to monitor real-time network activity and autonomously recognise intrusion attempts. Worryingly, the relatively new field of adversarial machine learning has been shown to be extremely effective in creating adversarial attacks that can easily bypass the NIDS. Adversary-aware feature selection, adversarial training and ensemble method were all used to increase the adversarial attack detection rate of the ML classifiers in the NIDS. Adversary-aware feature selection was the most effective, increasing the accuracy of three of the four classifiers from 0 for some adversarial attacks, to 0.98 for all adversarial attacks. In this work we build Hydra2, a tool to let users prototype an attack in a sand-box environment that has the ability of detecting adversarial attacks. The users can then quantify the results by adversarially attacking their prototype NIDS.

This project is an Intrusion Detection System (IDS) using machine learning (ML) and deep learning (DL) to detect network intrusions. It leverages the CICIDS2018 dataset to classify traffic as normal or malicious. Key features include data preprocessing, model training, hyperparameter tuning, and Docker containerization for scalable deployment.

This repository consists of the code necessary to develop the Bachelor's Degree Final Project in Telecom Engineering at UPM. It uses Federated Learning techniques to train and test ML model of an Intrusion Detection System (IDS) to detect ciberattacks in a cross-silo configuration

ML-based Intrusion Detection System for IoT Networks using ML, CNN, and Transformer models. Modular pipeline with preprocessing, training, evaluation, and performance benchmarking on CICIDS2017, BoT-IoT, and TON-IoT datasets

Proposed a multi-level IDS with seven ensemble machine learning algorithms that are running parallely (level 1) and a deep learning algorithm - Forward Feedback ANN (level 2) which would help to overcome the problems of the existing IDS and optimally detect intrusion in any network.

The "Intrusion-Detection-System-Using-ML" repository by SudoAnirudh features a machine learning-based Network Intrusion Detection System with a Flask web interface. It includes components such as machine learning models, datasets, and static files for detecting network intrusions.

Project implements an Intrusion Detection System (IDS) using traditional and machine learning techniques. It provides real-time monitoring, signature-based detection, and anomaly detection with ML models. Key technologies include SharpPcap, PacketDotNet, and ML.NET.

CyberSentinelML is a machine learning-based intrusion detection system (IDS) designed to detect and classify malicious network attacks in real-time. Using advanced ML models, it analyzes network traffic patterns to identify threats such as DDoS, port scanning, malware communication, and unauthorized access attempts.

With increasing cyber threats, traditional security often falls short. Advanced solutions like ml-based intrusion detection systems (IDS) are vital. The CICIDS2017 dataset, has diverse, realistic attack simulations, is crucial for training model to detect subtle anomalies. Our research enhances IDS accuracy, efficiency, bolstering network defenses.

AI-powered Intrusion Detection System using ML, DL, and ensemble models

Network Intrusion Detection System using an Ensemble of Standard ML Models

An intelligent system for real-time fraud detection and intrusion detection using ML models.

A JADE based multi agent Intrusion detection system using an ensemble ML model of Naive Bayes classifiers

ML-based Intrusion Detection System using CICIDS-2017 dataset. Trains XGBoost model with SMOTE, includes live demo simulation.

This repository contains the Intrusion Detection System done by using SVM and Random Forest like hybrid ML models and on UNSW-NB15 dataset

This project aims to develop network-based intrusion detection system using ML models. We use data plane programming to collect features and deploy our ML model in the data plane insteaded of control plane.

ML-based Intrusion Detection System using NSL-KDD. Includes preprocessing, feature engineering, Random Forest model (AUC 0.96), ROC curve, FastAPI prediction API, and a real-time intrusion analysis dashboard.

ML-based Network Intrusion Detection System using Python. Trains Random Forest and Deep Learning models on CICIDS2017, then performs real-time packet capture and threat detection with Scapy. Modular, ready for research, demos, or portfolio use.

Build a beginner-friendly intrusion detection system using ML models like Logistic Regression, SVM & Random Forest on the CIC-IDS2017 dataset. Includes data cleaning, PCA, evaluation metrics, and visualizations. Perfect for freshers in ML & cybersecurity.

A modular and adaptive Network Intrusion Detection System using Deep Q-Learning and Actor-Critic reinforcement learning, integrated with traditional ML models. Designed to detect complex attacks like SQL injection and DDoS..

AI-Driven Intrusion Detection system using Machine Learning to detect cyber threats. Built with Flask, ML models (Random Forest, AdaBoost, LightGBM, MLP), and features real-time predictions, visualizations, user authentication, and cloud dataset support.

A comprehensive ML-powered Intrusion Detection System with real-time packet capture, threat classification using ensemble ML models, file scanning with YARA rules, IP reputation checking, and an interactive web dashboard. Features automated IP blocking, email alerts, and GROQ-powered AI chatbot.

The ML-Based Intrusion Detection System implements a two-stage architecture where the first stage distinguishes between normal and attack traffic using supervised machine learning models, and the second stage classifies the type of attack using Neural Networks. This layered approach improves detection accuracy and analysis of threats.

A comparative study of ML-based Intrusion Detection Systems for 5G security. This project evaluates models including CNN, BiLSTM, Random Forest and Hybrid approaches using the CIC-IDS-2017 dataset to determine their effectiveness in identifying network attacks.

AI-powered Network Intrusion Detection System achieving 99.1% validation accuracy using a 10-model ML ensemble (XGBoost, LSTM, GNN, Autoencoder) with explainable AI (SHAP), real-time threat detection, SOC-style dashboard, automated response, and secure Azure CI/CD deployment.

Developed a Network Intrusion Detection System (NIDS) using the NUSW-NB-15 dataset for binary and multi-class classification. 2. Performed EDA, feature engineering, and feature selection using the ANOVA F-statistic approach. 3. Implemented and optimized multiple ML models, improving prediction speed and accuracy