Anomaly detection in network traffic using machine learning

Bibliographic Details
Main Authors: Amir Muhammad Hafiz, Othman, Mohd Faizal, Ab Razak, Mohd Izham, Mohd Jaya, Nurul Azma, Abdullah, Alanda, Alde
Format: Article
Language: English
Published: Politeknik Negeri Padang 2026
Online Access: https://umpir.ump.edu.my/id/eprint/47637/1/Anomaly%20Detection%20in%20Network%20Traffic%20Using%20Machine%20Learning.pdf
https://umpir.ump.edu.my/id/eprint/47637/
https://joiv.org/index.php/joiv/article/view/4898
Description
Summary: Ensuring network security has become difficult due to the rapid growth of internet-connected devices, leading to a significant increase in network traffic data. The enormous amount of data generated is vulnerable to multiple types of cyberattacks and intrusions, including phishing, denial-of-service (DoS) attacks, malware, and unauthorized access. Therefore, it is critical to ensure that the network traffic is properly monitored and secured by accurately detecting anomalies to prevent intrusions. One effective method to achieve this is to implement machine learning techniques, which have gained attention among researchers for analyzing complex patterns in datasets. In this paper, an anomaly detection method is proposed using machine learning (ML) techniques. The study objective is to analyze the effectiveness and reliability of implementing machine learning techniques in identifying anomalies in network traffic. Five (5) algorithms, which are Adaptive Boosting (AdaBoost), K-Nearest Neighbor (KNN), Random Forest (RF), Multi-Layer Perceptron (MLP), and Decision Trees (ID3) are systematically evaluated using the dataset CICIDS2017, a comprehensive and widely adopted benchmark for network traffic detection research. Five (5) performance metrics, which are accuracy, precision, recall, and f-measure, are utilized to assess the result of each algorithm. The results highlight that the KNN algorithm achieves the highest accuracy, at 97%, while the ID3 algorithm produces a balanced trade-off between performance and efficiency. These findings demonstrate that machine learning techniques have strong potential to enhance network security by improving anomaly detection, providing a promising direction for developing intelligent, adaptive intrusion detection.