This repository presents an intelligent intrusion detection system (IDS) that leverages network flow data and system-level anomaly features to detect malicious activity using machine learning and deep learning models.
The project explores traditional and advanced intrusion detection techniques, evaluates multiple classifiers, and examines adversarial robustness under evasion attacks. It is designed to reflect real-world SOC detection challenges, including class imbalance, feature engineering, and model resilience.
The work follows a full research lifecycle: problem definition → literature review → methodology → implementation → evaluation → discussion, with strong emphasis on ethical, legal, and deployment considerations.
Design an anomaly-based intrusion detection system
Fuse network-level and system-level features for improved detection
Compare machine learning and deep learning models
Address class imbalance and feature selection challenges
Evaluate detection performance using standard metrics
Assess robustness against adversarial machine learning attacks
Consider ethical, legal, and real-world deployment constraints
Signature-based vs anomaly-based IDS
Network flow feature modelling
System-level anomaly indicators
Multi-domain feature fusion
Random Forest and XGBoost classifiers
Convolutional Neural Networks (CNN)
Long Short-Term Memory (LSTM) models
Handling imbalanced datasets
Fast Gradient Sign Method (FGSM)
Projected Gradient Descent (PGD)
Evaluation of adversarial robustness
Analysis of model degradation under attack
Precision, Recall, and F1-score
Confusion matrix analysis
Model comparison and trade-offs
Performance on clean vs adversarial data
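As an added example (not the repository's own code), the clean-versus-adversarial comparison listed above carried out against a toy logistic-regression flow detector: constructed, imbalanced flow features, one-step FGSM perturbation with the gradient written out analytically, and accuracy/precision/recall/F1 across a sweep of epsilon values. The dataset, the feature meanings and the epsilon values are assumptions.

```python
import numpy as np

def make_flows(n_benign=180, n_malicious=20, seed=7):
    """Constructed, imbalanced flow features (e.g. bytes, packets, duration) scaled to [0, 1]."""
    rng = np.random.default_rng(seed)
    benign = rng.normal([0.2, 0.3, 0.2], 0.1, size=(n_benign, 3))
    malicious = rng.normal([0.8, 0.7, 0.8], 0.1, size=(n_malicious, 3))
    X = np.clip(np.vstack([benign, malicious]), 0.0, 1.0)
    y = np.concatenate([np.zeros(n_benign), np.ones(n_malicious)])
    return X, y

def sigmoid(z):
    return 1.0 / (1.0 + np.exp(-z))

def train_logreg(X, y, lr=1.0, epochs=3000):
    """Gradient descent on binary cross-entropy; returns weights and bias."""
    w, b = np.zeros(X.shape[1]), 0.0
    for _ in range(epochs):
        err = sigmoid(X @ w + b) - y            # dL/dlogit for each sample
        w -= lr * (X.T @ err) / len(y)
        b -= lr * err.mean()
    return w, b

def fgsm(X, y, w, b, eps):
    """One-step FGSM: x + eps * sign(dL/dx), clipped back into the feature domain.
    For logistic regression dL/dx = (p - y) * w, so the gradient is closed-form."""
    grad = (sigmoid(X @ w + b) - y)[:, None] * w
    return np.clip(X + eps * np.sign(grad), 0.0, 1.0)

def metrics(y_true, y_pred):
    """Accuracy, precision, recall and F1 with 'malicious' as the positive class."""
    tp = np.sum((y_pred == 1) & (y_true == 1))
    fp = np.sum((y_pred == 1) & (y_true == 0))
    fn = np.sum((y_pred == 0) & (y_true == 1))
    tn = np.sum((y_pred == 0) & (y_true == 0))
    prec = tp / (tp + fp) if tp + fp else 0.0
    rec = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * prec * rec / (prec + rec) if prec + rec else 0.0
    return {"accuracy": (tp + tn) / len(y_true), "precision": prec, "recall": rec, "f1": f1}

def robustness_curve(epsilons=(0.0, 0.05, 0.1, 0.2, 0.3, 0.5)):
    """Detector metrics on FGSM-perturbed flows for each eps (eps=0.0 is the clean baseline)."""
    X, y = make_flows()
    w, b = train_logreg(X, y)
    curve = {}
    for eps in epsilons:
        X_adv = fgsm(X, y, w, b, eps)
        curve[eps] = metrics(y, (sigmoid(X_adv @ w + b) >= 0.5).astype(float))
    return curve
```

For a linear detector the accuracy curve is non-increasing in eps, so the point where it collapses is a direct measure of how much feature-space perturbation the detector tolerates; a deep model would need the same loop with the gradient taken from the framework instead of the closed form.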
Intrusion Detection System Design
Network and system-level security analytics
Machine learning and deep learning for security
Feature engineering and selection
Adversarial ML evaluation
SOC-aligned detection analysis
Ethical and responsible AI considerations
Research-grade documentation and reporting
Anomaly detection theory
Defence-in-depth (detection layer)
Secure and ethical ML design
Adversarial threat modelling
Risk-aware evaluation
SOC Analysts
Security Engineers
Detection Engineers
ML-for-Security practitioners
Cybersecurity students and researchers
This project was developed for academic and research purposes. All datasets and experiments were conducted in controlled environments. No live production systems or personal data were used.