The increasing volume and diversity of traffic in modern networks demand more adaptive intrusion detection approaches than traditional signature-based methods. This study aims to evaluate and compare the performance of several machine learning algorithms in detecting multi-class network traffic anomalies using the CIC-IDS2017 dataset. The research process includes data cleaning and transformation, class imbalance handling through random undersampling, and the implementation of five classification models: Logistic Regression, Gaussian Naïve Bayes, Random Forest, K-Nearest Neighbors, and Support Vector Machine. Model performance is assessed using accuracy, precision, recall, and F1-score, supported by confusion matrix analysis and feature contribution evaluation. The results indicate that Random Forest achieves the best performance with an accuracy of 99.44% and consistently high evaluation metrics, while Gaussian Naïve Bayes shows the lowest performance. Furthermore, flow-based features are found to play a dominant role in improving classification accuracy, while misclassifications mainly occur among classes with similar traffic patterns. The findings highlight that selecting appropriate algorithms and applying effective preprocessing strategies are critical for developing more accurate and adaptive intrusion detection systems capable of addressing evolving cyber threats.
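The following sketch illustrates two steps named in the abstract, random undersampling of an imbalanced multi-class label set and per-class precision, recall and F1 read from a confusion matrix. It is an added example, not code from the study; the class names, counts and predictions are constructed, and balancing every class down to the size of the rarest one is an assumption, since the abstract does not state the target ratio.

```python
import random
from collections import defaultdict

def random_undersample(rows, labels, seed=0):
    """Randomly keep n rows per class, n = size of the rarest class (assumed policy)."""
    rng = random.Random(seed)
    by_class = defaultdict(list)
    for row, label in zip(rows, labels):
        by_class[label].append(row)
    n = min(len(v) for v in by_class.values())
    pairs = []
    for label in sorted(by_class):
        pairs.extend((row, label) for row in rng.sample(by_class[label], n))
    rng.shuffle(pairs)  # avoid class-ordered output
    return [r for r, _ in pairs], [l for _, l in pairs]

def confusion_matrix(y_true, y_pred, classes):
    """m[i][j] = number of samples of true class i predicted as class j."""
    idx = {c: i for i, c in enumerate(classes)}
    m = [[0] * len(classes) for _ in classes]
    for t, p in zip(y_true, y_pred):
        m[idx[t]][idx[p]] += 1
    return m

def per_class_metrics(m, classes):
    """Return {class: (precision, recall, f1)} computed from the matrix."""
    out = {}
    for i, c in enumerate(classes):
        tp = m[i][i]
        fn = sum(m[i]) - tp                     # row total minus diagonal
        fp = sum(row[i] for row in m) - tp      # column total minus diagonal
        prec = tp / (tp + fp) if tp + fp else 0.0
        rec = tp / (tp + fn) if tp + fn else 0.0
        f1 = 2 * prec * rec / (prec + rec) if prec + rec else 0.0
        out[c] = (prec, rec, f1)
    return out

# Constructed sample: two attack classes that get confused with each other.
CLASSES = ["BENIGN", "DoS", "PortScan"]
Y_TRUE = ["BENIGN"] * 6 + ["DoS"] * 3 + ["PortScan"] * 3
Y_PRED = ["BENIGN"] * 6 + ["DoS", "DoS", "PortScan"] + ["PortScan", "DoS", "PortScan"]

if __name__ == "__main__":
    m = confusion_matrix(Y_TRUE, Y_PRED, CLASSES)
    acc = sum(m[i][i] for i in range(len(CLASSES))) / len(Y_TRUE)
    print("accuracy", round(acc, 3))
    for c, (p, r, f) in per_class_metrics(m, CLASSES).items():
        print(c, round(p, 3), round(r, 3), round(f, 3))
```

On the constructed predictions, overall accuracy is 10/12 while the two attack classes each score only 2/3 on every per-class metric, which is the kind of gap the confusion matrix exposes.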
Copyrights © 2026