A Hybrid Model for Detecting Intrusions on Network Logs

Abstract

The presence of malicious traffic presents a substantial risk to network systems and the integrity of confidential information. Organisations may enhance their protection against threats and mitigate the possible impact of malicious traffic on their networks by maintaining vigilance, deploying comprehensive security measures, and cultivating a cybersecurity-aware culture. The purpose of this study is to propose a theoretical framework for identifying and analysing potentially harmful network traffic within a network system. In order to identify and classify various types of malicious network traffic in a multi-class setting, we employed a dataset consisting of nine distinct categories of network system attacks. In order to optimise the performance of the model, an exploratory data analysis is conducted on the dataset. Exploratory data analysis (EDA) was employed to assess various aspects like the presence of missing values, correlation among characteristics, data imbalance, and identification of significant features. The findings derived from the exploratory data analysis indicate that the dataset exhibits an imbalance, which, if left unaddressed, may result in overfitting. The data imbalance was addressed with the implementation of the RandomOverSampling approach in Python, which involved executing random oversampling. Following the resolution of the data imbalance, a random forest classifier was employed to extract significant features from the dataset. In this study, a total of ten characteristics were extracted based on the ranking provided by the random forest model. The features that were extracted were utilised in the training process of the suggested model, which aims to identify and detect malicious activity within a network system. The findings of the model indicate a much improved level of accuracy in identifying malicious traffic within a network system, with an accuracy rate of 99.99%. Furthermore, the precision, recall, and F1-score metrics also demonstrate a consistent accuracy rate of 99.99%.