Intrusion Detection Dashboard

Real-time flow classification · Master's capstone · Streamlit deployment

Packets Analysed

847,293
last 24h window

Threats Detected!

4,218
0.50% of all traffic

Model Accuracy

97.2%
10-fold cross-validation

False Positive Rate

1.3%
holdout set

Live Network Traffic

Simulated CICIDS2017 replay · classified per flow
0 pkt/s

Feature Importance

Random Forest · top 8 by mean decrease in impurity

Model Comparison

Tuned on balanced subset (SMOTE k=5 on train only)
★ winner
Model                 Prec   Recall   F1     AUC
Logistic Regression   0.87   0.62     0.72   0.94
Isolation Forest      0.84   0.79     0.81   0.93
Random Forest         0.93   0.89     0.91   0.97
Ensemble (IF+RF+AE)   0.95   0.94     0.95   0.98

MITRE ATT&CK Coverage

Detection rules mapped to enterprise techniques
T1110.001   Brute Force   Password guessing
T1046       Port Scan     Network discovery
T1498       DDoS          Network DoS
T1190       Web Exploit   Public app abuse
T1071.004   DNS Tunnel    App layer proto
T1071.001   C2 Beacon     Web protocols