An intrusion detection system built with Python and machine learning techniques, specifically KNN and decision trees, for identifying and mitigating security threats in real-time network environments.
An intrusion detection system (IDS) is a tool for spotting unusual activity in network traffic and sending out alerts when it is found. It is software that checks a system or network for malicious activities and detects the spam parameters using machine learning models. The IoT dataset used for the experiments is pre-processed using a feature engineering procedure. By running the framework with machine learning models, each appliance is assigned a spam score. This refines the conditions required for devices in a smart home to work successfully.
Recent advancements in network technology and associated services have led to a rapid increase in data traffic. Network attacks are evolving in various forms. An intrusion detection system (IDS) is an essential instrument for monitoring and identifying intrusion threats. The task is to build an intrusion detector, a predictive model capable of distinguishing between bad connections (intrusions or attacks) and good, normal connections. We propose an IDS algorithm based on supervised machine learning methods to develop an efficient and flexible system that can detect intrusions from data received in real time. Finally, an intrusion detection system based on the Random Forest classifier is built using the optimal training dataset obtained by data sampling and the features selected by feature selection. The experiment will be carried out on the CICIDS2017 dataset. Compared with other algorithms, the model has obvious advantages in detecting rare anomalous behaviours.
Objective:
Improve accuracy of the intrusion detection.
Decrease false alarms.
Shorten training time for intrusion detection and reduce manual labour.
Increase protection of the system.
Technologies:
Machine learning
K-Nearest Neighbor (KNN)
Random forest classifier
Decision tree
Problem statement:
Distinguishing intrusion from normal activity in network traffic is very difficult and time-consuming. An analyst must review a large and wide volume of data to find the sequence of an intrusion on the network connection. Therefore, a way to detect network intrusions that reflects current network traffic is needed. This is achieved with the help of a real-time intrusion prevention system based on machine learning algorithms, which makes it flexible against all types of attack variants.
Proposed system:
Conclusion:
Over this new set of data, testing and training data are classified in order to perform regression analysis, KNN algorithms and machine learning techniques. By using decision tree learning, we will classify whether a virus is present or not.
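
The following is an added example, not code from this project: a standard-library KNN classifier that labels flows as normal or attack and reports the accuracy, detection rate and false alarm rate named in the objectives. The three features (duration, forward packets, bytes per second), the sample flows and all function names are constructed assumptions, not CICIDS2017 data.

```python
import math
from collections import Counter

# Constructed sample flows, not rows from CICIDS2017.
# Features: (duration_ms, fwd_packets, bytes_per_s), then the label.
TRAIN = [
    ((120.0, 10, 4000.0), "normal"),
    ((150.0, 12, 4200.0), "normal"),
    ((90.0, 8, 3500.0), "normal"),
    ((200.0, 15, 5000.0), "normal"),
    ((5.0, 300, 90000.0), "attack"),
    ((8.0, 280, 85000.0), "attack"),
    ((3.0, 350, 99000.0), "attack"),
    ((6.0, 310, 92000.0), "attack"),
]
TEST = [
    ((110.0, 9, 3900.0), "normal"),
    ((170.0, 14, 4600.0), "normal"),
    ((4.0, 320, 95000.0), "attack"),
    ((7.0, 290, 88000.0), "attack"),
]

def fit_scaler(rows):
    """Per-feature (min, range), learned from training flows only."""
    cols = list(zip(*rows))
    return [(min(c), (max(c) - min(c)) or 1.0) for c in cols]

def scale(row, scaler):
    return [(v - lo) / span for v, (lo, span) in zip(row, scaler)]

def knn_predict(row, train, scaler, k=3):
    """Majority label among the k nearest min-max-scaled training flows."""
    x = scale(row, scaler)
    dists = sorted((math.dist(x, scale(r, scaler)), label) for r, label in train)
    return Counter(label for _, label in dists[:k]).most_common(1)[0][0]

def evaluate(train, test, k=3):
    """Return (accuracy, detection_rate, false_alarm_rate) on the test flows."""
    scaler = fit_scaler([r for r, _ in train])
    c = Counter((truth, knn_predict(row, train, scaler, k)) for row, truth in test)
    tp, fn = c[("attack", "attack")], c[("attack", "normal")]
    fp, tn = c[("normal", "attack")], c[("normal", "normal")]
    return (tp + tn) / len(test), tp / (tp + fn), fp / (fp + tn)

if __name__ == "__main__":
    print(evaluate(TRAIN, TEST))
```

Scaling matters here because bytes per second would otherwise dominate the Euclidean distance; the scaler is fitted on the training flows only so the test flows do not leak into it.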