Network Intrusion Detection System

Project Abstract

The modern digital transformation is making cybersecurity threats more advanced, and it is necessary to design smart systems that can recognize the presence of intrusion into the network in real-time to protect the integrity of the network and the confidentiality of information. This project proposes the design and development of a Network-Based Intrusion Detection System (NIDS) which combines machine learning and deep packet inspection methods to track network traffic, detect anomalies and notify representatives of any suspicious operations. The backend of the system was built in Flask (Python) and includes a pre-trained machine learning model (intrusion_model.pkl) that is used to categorize network activities in terms of features derived out of packet captures (PCAP files). PyShark (used to interpret packets), scikit-learn (used to scale and encode features), and joblib (used to load models with high efficiency) are some of the main supporting tools. The frontend is implemented using HTML and Bootstrap, and it is user-friendly due to the possibility to upload packet files, extract features automatically, and display real-time intrusion detection output. The features also include a log management system where the users are allowed to add incident logs and the administrators can view, update, or delete them. SQLite databases (database.db, logs.db) hold predictions and logs history that will be utilized during future analysis and audits. Moreover, the system can be used to monitor PCAP files in real-time and to perform batch analysis, which is useful in both live network protection and forensic investigations after the incident.

Research Area

Machine Learning: Machine Learning (ML) research in Computer Science and Information Technology focuses on the development of algorithms and models that enable computers to learn from data and improve their performance over time without being explicitly programmed. It is a subset of Artificial Intelligence that uses statistical techniques to give machines the ability to learn patterns, make decisions, and predict outcomes based on data. Supervised learning, a key area of ML research, involves training models on labeled data, where the input-output relationships are predefined. This method is widely used for tasks such as classification (e.g., spam detection) and regression (e.g., predicting house prices). Unsupervised learning, on the other hand, involves finding hidden patterns in data without predefined labels, with clustering and association being typical applications in areas such as customer segmentation and anomaly detection. Reinforcement learning is another area of ML that focuses on teaching agents to make decisions by interacting with their environment and receiving feedback in the form of rewards or penalties. It is often applied in robotics, game playing, and autonomous systems, where continuous learning and adaptation are required.

Project Main Objective

• To design, develop and test an effective and efficient network intrusion detection system (NIDS) based on machine learning to improve network security surveillance.

Academic Year

2024/2025

Date Uploaded

Feb 3, 2026

Group Members

BAMFO BRIAN KOFI (UEB3228921), HARRIS ROYCE JOEL (UEB3265622), OWUSU MATHIAS (UEB3227821), NGYIRE DANSO MICHAEL (UEB3206221), ROCKSON GODFRED (UEB3277323)

Program Of Study

BSc Information Technology