RETINA: Network Intrusion Detection System using Machine Learning Approach
Keywords:
Intrusion Detection System, XGBoost, Machine Learning, DoS attack, Brute Force attack
Abstract
In today's digital age, protecting networks from cyberattacks is crucial because such attacks pose significant risks to sensitive data, financial assets and organizational reputation. However, traditional Network Intrusion Detection Systems (NIDS) often face challenges such as inefficiency, limited accuracy, and difficulty handling real-time data. To address these issues, we propose a Real Time Anomaly (RETINA) system that uses a machine learning approach. RETINA focuses on real-time packet analysis and threat classification to detect DoS and brute force attacks. The development follows the Object-Oriented Analysis and Design (OOAD) methodology. The project employs the XGBoost algorithm and the CICIDS 2017 dataset for threat classification, the Scapy library for real-time packet capture, and a web-based interface for monitoring and visualization. The project primarily benefits network administrators by enabling them to identify and respond to security threats proactively. The outcome of this project highlights the potential of intelligent algorithms in advancing intrusion detection systems. The final developed system could detect Denial of Service (DoS) and brute force attacks and achieved a significantly low False Positive Rate of 0.07%.



