Intelligent Network Traffic Anomaly Detection Using ML Algorithms
Keywords:
ML Algorithms
Abstract
This project presents an intelligent network traffic anomaly detection system using advanced machine learning techniques to enhance cybersecurity. With the rapid growth of internet usage and increasing cyber threats, traditional rule-based intrusion detection systems have become ineffective in identifying evolving and unknown attacks. To address this challenge, a data-driven approach is proposed using the CatBoost algorithm, a state-of-the-art gradient boosting technique known for its high accuracy and efficient handling of categorical and numerical data.
The system is trained and evaluated on the KDD Cup 1999 dataset, which contains labeled instances of normal and malicious network traffic, including attacks such as Denial-of-Service (DoS), Probe, Remote-to-Local (R2L), and User-to-Root (U2R). The methodology involves data preprocessing, feature selection, and model training to improve performance and reduce computational complexity. Comparative analysis with traditional algorithms such as Decision Trees and Random Forest demonstrates that the proposed model achieves superior accuracy exceeding 99%, along with better generalization and reduced overfitting.
To ensure practical usability, the system is deployed as a Flask-based web application that supports user authentication, real-time anomaly prediction, and visualization of performance metrics such as confusion matrix and feature importance. This integration enables seamless interaction and real-world applicability for network administrators and cybersecurity professionals.
Overall, the proposed system provides a scalable, efficient, and highly accurate solution for network intrusion detection, contributing to improved protection of digital infrastructure and offering a foundation for future enhancements such as real-time monitoring and multi-class attack classification.
Additionally, the system enhances decision-making by providing interpretable insights into key network features contributing to anomalies. Its adaptable architecture allows easy integration with real-time monitoring systems and future expansion into advanced intrusion prevention mechanisms.
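The data preprocessing step described in the abstract, sketched for KDD Cup 1999 records as an added example (not the authors' code). The names `prepare`, `_row` and `SAMPLE` are hypothetical, the sample records are constructed, and dropping exact duplicates and malformed lines is an assumption of this sketch rather than something the abstract states.

```python
import csv
import io

N_FEATURES = 41            # KDD Cup 1999 records: 41 features followed by a label
CAT_FEATURES = [1, 2, 3]   # protocol_type, service, flag (all other columns are numeric)
# Training-set attack labels grouped into the four categories named in the abstract.
_GROUPS = {
    "DoS": "back land neptune pod smurf teardrop",
    "Probe": "ipsweep nmap portsweep satan",
    "R2L": "ftp_write guess_passwd imap multihop phf spy warezclient warezmaster",
    "U2R": "buffer_overflow loadmodule perl rootkit",
}
CATEGORY = {name: cat for cat, names in _GROUPS.items() for name in names.split()}

def prepare(text):
    """Parse raw KDD-format CSV text into (X, y, categories, skipped)."""
    X, y, cats, seen, skipped = [], [], [], set(), 0
    for row in csv.reader(io.StringIO(text)):
        if len(row) != N_FEATURES + 1:
            skipped += 1                      # wrong field count: malformed line
            continue
        if tuple(row) in seen:
            continue                          # exact duplicate: keep one copy only
        try:
            feats = [v if i in CAT_FEATURES else float(v) for i, v in enumerate(row[:-1])]
        except ValueError:
            skipped += 1                      # non-numeric value in a numeric column
            continue
        seen.add(tuple(row))
        label = row[-1].strip().rstrip(".")   # labels carry a trailing dot, e.g. "smurf."
        X.append(feats)
        y.append(0 if label == "normal" else 1)   # binary target: normal vs. attack
        cats.append("normal" if label == "normal" else CATEGORY.get(label, "unknown"))
    return X, y, cats, skipped

def _row(proto, service, flag, src_bytes, label):
    # Constructed sample record: zeros everywhere except the fields set here.
    f = ["0"] * N_FEATURES
    f[1], f[2], f[3], f[4] = proto, service, flag, str(src_bytes)
    return ",".join(f + [label + "."])

SAMPLE = "\n".join([
    _row("tcp", "http", "SF", 181, "normal"),
    _row("icmp", "ecr_i", "SF", 1032, "smurf"),
    _row("icmp", "ecr_i", "SF", 1032, "smurf"),      # exact duplicate of the line above
    _row("tcp", "private", "S0", 0, "neptune"),
    _row("tcp", "telnet", "SF", 125, "guess_passwd"),
    "0,tcp,http,SF,normal.",                         # truncated record
])
```

`CAT_FEATURES` is the index list that would be handed to CatBoost's `cat_features` parameter, so the three string columns stay as strings instead of being one-hot encoded by hand.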
License
Copyright (c) 2026 Authors

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.










