ML-Powered Firewall for Adaptive Threat Detection and Real-Time Attack Prevention

Abstract

A largest number of interconnected ecosystems emerged from the quick spread of Network devices but this expansion has also left various environments susceptible to advanced cyberthreats especially network attacks. These attacks cause operational problems and pose serious security and privacy issues by taking advantage of flaws in networks. The complexity and scope of modern attacks are frequently beyond the scope of conventional detection techniques calling for sophisticated solutions that can effectively and precisely identify these dangers in real time. The hybrid machine learning approach was created in order to overcome these difficulties using the UNSW_NB15 dataset as a standard for examining network traffic data. To optimize feature selection and improve model performance many preprocessing techniques were used, such as standardization, feature encoding, Column Transformer, One Hot Encoder with chi-squared selection of features and Standard Scaler. Among the several machine learning models that were employed and evaluated Random Forest obtained an accuracy rate of 95%, Extra Trees 94.85%, the Decision Tree 93.69%, MLP 93.44%, Gradient boosting 93.15%, the KNN algorithm, 92.91% and Logistic Regression 91.07%. When it came to detecting seasonal patterns in network traffic the Long Short-Term Memory (LSTM) algorithm was the most effective with an accuracy in training of 96.665% and an accuracy in testing of 96.435%. Streamlit was used to create a simple user interface that lets users submit CSV data files with network traffic providing real-time attack alert system.