ARCHIVES

Intrusion Detection Systems (IDS) are critical components of modern cybersecurity infrastructure, designed to identify and mitigate threats within network traffic. However, traditional detection methods often struggle to detect novel or zero-day attacks. This paper presents a hybrid IDS that leverages both supervised and unsupervised machine learning techniques – specifically Random Forest for classification and Isolation Forest for anomaly detection – to provide robust threat identification. Utilizing the CICIDS2017 dataset, chosen for its realistic representation of network traffic, the system employs comprehensive feature engineering to enhance detection accuracy. A key contribution is the development of a real-time visualization dashboard, enabling security analysts to monitor network patterns, intrusion attempts, and system performance dynamically. Experimental results demonstrate the hybrid model's superior performance over standalone models, achieving high accuracy in identifying known attack signatures while also detecting anomalous activities potentially indicative of zero-day exploits. This work advances cybersecurity practice by offering a practical, interpretable, and visually interactive solution for network intrusion detection.