Sharkhan, Aruzhan; Myrzabayeva, Manshuk; Anuar, Maksat
This study explores the application of machine learning techniques for detecting anomalies and cyberattacks in network traffic. A comparative analysis was conducted between a traditional rule-based intrusion detection method and a machine learning ensemble model. Using a full 2^3 factorial experimental design, the influence of three key factors—detector type, the use of a Threat Intelligence module, and network traffic load—on the F1-score was evaluated. The results show that the machine learning ensemble significantly improves detection accuracy (approximately 30% increase), while integrating external Threat Intelligence provides an additional performance gain (~7%). High traffic load, however, reduces detection quality by around 7%. Regression modelling and graphical interpretation confirmed that the detector type is the most influential factor. The findings demonstrate the effectiveness of machine learning-based approaches in intrusion detection systems and offer practical recommendations for enhancing cybersecurity solutions.