IoT networks have become an increasingly valuable target of malicious attacks due to the increased amount of valuable user data they contain. In response, network intrusion detection systems have been developed to detect suspicious network activity. UNSW-NB15 is an IoT-based network traffic data set with different categories for normal activities and malicious attack behaviors. UNSW-NB15 botnet datasets with IoT sensors' data are used to obtain results that show that the proposed features have the potential characteristics of identifying and classifying normal and malicious activity. Role of ML algorithms is for developing a network forensic system based on network flow identifiers and features that can track suspicious activities of botnets is possible. The ML model metrics using the UNSW-NB15 dataset revealed that ML techniques with flow identifiers can effectively and efficiently detect botnets’ attacks and their tracks.

Welcome this is a comprehensive repository dedicated to advancing Network Intrusion Detection Systems (NIDS) through the power of Machine Learning (ML) and Deep Learning (DL). This project aims to develop, evaluate, and optimize intelligent models capable of accurately detecting and mitigating a wide array of network threats and anomalies.

The continuing increase of Internet of Things (IoT) based networks have increased the need for Computer networks intrusion detection systems (IDSs). Over the last few years, IDSs for IoT networks have been increasing reliant on machine learning (ML) techniques, algorithms, and models as traditional cybersecurity approaches become less viable for IoT. IDSs that have developed and implemented using machine learning approaches are effective, and accurate in detecting networks attacks with high-performance capabilities. However, the acceptability and trust of these systems may have been hindered due to many of the ML implementations being ‘black boxes’ where human interpretability, transparency, explainability, and logic in prediction outputs is significantly unavailable. The UNSW-NB15 is an IoT-based network traffic data set with classifying normal activities and malicious attack behaviors. Using this dataset, three ML classifiers: Decision Trees, Multi-Layer Perceptrons, and XGBoost, were trained. The ML classifiers and corresponding algorithm for developing a network forensic system based on network flow identifiers and features that can track suspicious activities of botnets proved to be very high-performing based on model performance accuracies. Thereafter, established Explainable AI (XAI) techniques using Scikit-Learn, LIME, ELI5, and SHAP libraries allowed for visualizations of the decision-making frameworks for the three classifiers to increase explainability in classification prediction. The results determined XAI is both feasible and viable as cybersecurity experts and professionals have much to gain with the implementation of traditional ML systems paired with Explainable AI (XAI) techniques.

No description available

IoT networks have become an increasingly valuable target of malicious attacks due to the increased amount of valuable user data they contain. In response, network intrusion detection systems have been developed to detect suspicious network activity. UNSW-NB15 is an IoT-based network traffic data set with different categories for normal activities and malicious attack behaviors. UNSW-NB15 botnet datasets with IoT sensors' data are used to obtain results that show that the proposed features have the potential characteristics of identifying and classifying normal and malicious activity. Role of ML algorithms is for developing a network forensic system based on network flow identifiers and features that can track suspicious activities of botnets is possible. The ML model metrics using the UNSW-NB15 dataset revealed that ML techniques with flow identifiers can effectively and efficiently detect botnets’ attacks and their tracks.

Network Intrusion Detection System on CSE-CIC-IDS2018 using ML classifiers and DNN ( ANN , CNN , RNN ) | Hyper-parameter Optimization { learning rate, epochs, network architectures, regularisation } | Adversarial Attacks - Label flip , Adversarial samples , KNN (defence)

No description available

The given information of network connection, model predicts if connection has some intrusion or not. Binary classification for good and bad type of the connection further converting to multi-class classification and most prominent is feature importance analysis.

This repository is for exploring various ML and DL techniques for network intrusion detection

As society and technology develop, more and more of our time is spent online, from shopping to socialising, working to banking. Ensuring our safety from malicious actors trying to capitalise on this digitisation is becoming ever more important. One such system that was developed to defend against attacks is a Network Intrusion Detection System (NIDS), a common tool used to detect intrusion attempts. Early adaptions used pre-configured signature detection to recognise attacks. Those early models evolved to use machine learning based anomaly detection to monitor real-time network activity and autonomously recognise intrusion attempts. Worryingly, the relatively new field of adversarial machine learning has been shown to be extremely effective in creating adversarial attacks that can easily bypass the NIDS. Adversary-aware feature selection, adversarial training and ensemble method were all used to increase the adversarial attack detection rate of the ML classifiers in the NIDS. Adversary-aware feature selection was the most effective, increasing the accuracy of three of the four classifiers from 0 for some adversarial attacks, to 0.98 for all adversarial attacks. In this work we build Hydra2, a tool to let users prototype an attack in a sand-box environment that has the ability of detecting adversarial attacks. The users can then quantify the results by adversarially attacking their prototype NIDS.

Final year project in college

Attack Detection, Parameter Optimization and Performance Analysis in Enterprise Networks (ML Networks) for Intrusion Detection System IDS.

ML base Network Intrusion Detection System

Detect Network Attacks Through The Usage of ML-based Network Intrusion Detection Systems (NIDS)

This project is an Intrusion Detection System (IDS) using machine learning (ML) and deep learning (DL) to detect network intrusions. It leverages the CICIDS2018 dataset to classify traffic as normal or malicious. Key features include data preprocessing, model training, hyperparameter tuning, and Docker containerization for scalable deployment.

This repository develops a Network Intrusion Detection System (NIDS) for SecureTech Solutions Inc., addressing sophisticated ransomware threats. Using machine learning, it detects malicious activities in real-time, minimises false alarms, and provides explainable predictions, safeguarding critical assets and preserving client trust.

An Intrusion Detection System (IDS) using Machine Learning (ML) analisys to identify malicious patterns on inside and outside network packages

End-to-end ML pipeline for network intrusion detection on CIC-IDS2017. Features data cleaning, EDA, feature engineering, PCA, multi-class/binary classification (RF, XGBoost), and unsupervised methods (Isolation Forest, Autoencoder). Built with Python, Sklearn, TF/Keras.

Since the beginning of the pandemic, the internet traffic has been considerably increased. Daily tasks such as working meetings or classes lectures were moved to remote modal- ity, and this transition involved the adoption of digital plat- form for different kind of transaction, in which, for most of the cases, personal/sensitive information is being requesting and/or sharing. Wireless network connection is turning in the most popular internet access connectivity protocol, and as the traffic also increased the number of security flaws are being revealed by intruders, making this protocol vulnera- ble. That is one of the reasons why it is important to im- plement systems capable to automate the detection of vul- nerabilities accurately in a network. Therefore, in this work, we propose a Machine Learning (ML) approach for the de- velopment of a Intrusion Detection System(IDS) for wireless networks that have be both characteristics: accurate and ex- plainable. To achieve those characteristics, we implemented a variety of feature selection methods, including feature im- portance, chi-square analysis, variance correlation analysis and explainable artificial intelligence. Our ML based IDS achieves an accuracy of 99.81% for multi-class classification with a reduced set of features. An description of the feature selection output is provided for better explanation of the pre- dicted outputs.

Advanced Network Intrusion Detection System (NIDS) - ML-based cybersecurity project using Python with real-time packet analysis, anomaly detection, and web-based monitoring dashboard

Intrusion and Vulnerability Detection in Software-Defined Networks (SDN) by Team ML-IDS

a machine learning model for network intrusion detection using various ml algorithms

This repo will contain all the code base for the machine learning (ML) experimentation of network-based Intrusion Detection System (NIDS).

This repository deals with the analysis and implementation of Intrusion Detection in Industrial Internet Of Things(IIOT) network based on ML models and TinyML Inferences.

An Anomaly-Based Intrusion Detection System (AIDS) built with a Random Forest classifier on the CICIOT23 dataset. This project automates the full ML pipeline to detect anomalous IoT network traffic with 99.76% accuracy.

This projects take a simple Network Intrusion Detection System, make it running on the docker swarm containers. Hence taking the received packets from the client to the server in realtime. Then applying the ML Model on the packet traffic in order to detect the Intrusion. There are 4 attack-class which this model can alert to. Namely: 1> DOS attack 2>R2L(Remote to Local) 3>U2R (User to Root) 4> Probe Attack.

The importance of Feature Selection Methods in Network Intrusion Detection domain | ML.

ML based intrusion detection system, capable of detect, reporting and stopping abnormalities in nearly real-time on a network

ML-based Intrusion Detection System for IoT Networks using ML, CNN, and Transformer models. Modular pipeline with preprocessing, training, evaluation, and performance benchmarking on CICIDS2017, BoT-IoT, and TON-IoT datasets

Anomaly-Based-Network-Intrusion-Detection-System-through-Feature-Selection-and-Hybrid-ML-Project