Detection of Cyber Attacks in Networks Using Machine Learning Techniques

Abstract

Advances in computing and communication technologies have produced broad benefits for individuals, organisations, and governments, but they have also introduced serious problems such as protecting important data, securing storage platforms, and ensuring data availability. Cyber threats have reached a level that can threaten public and national security, so Intrusion Detection Systems (IDS) have been developed to defend against cyber attacks. In this work, machine-learning algorithms are used to detect attacks based on the modern CICIDS2017 dataset. A Support Vector Machine was used to detect port-scan attempts, achieving accuracy rates of 97.80% and 69.79% for the respective evaluations reported in the source. In addition to SVM, other algorithms—Random Forest, Convolutional Neural Network, and Artificial Neural Network—were evaluated, with reported accuracies of SVM 93.29%, CNN 63.52%, Random Forest 99.93%, and ANN 99.11%. The CICIDS2017 dataset covers benign traffic and common updated attacks such as DoS, DDoS, brute force, XSS, SQL injection, infiltration, port scan, and botnet, with more than 80 network-traffic features. The system is implemented in Python using scikit-learn and Keras with a desktop interface for loading data, training models, and comparing performance. The results identify which algorithm provides the best accuracy for detecting whether a cyber attack has occurred, supporting more reliable network defence.