Saved in:
Bibliographic Details
Main Authors: Sharkhan, Aruzhan, Myrzabayeva, Manshuk, Anuar, Maksat
Format: Recurso digital
Language:
Published: Zenodo 2025
Online Access:https://doi.org/10.5281/zenodo.17710594
Tags: Add Tag
No Tags, Be the first to tag this record!
Table of Contents:
  • <p>This study explores the application of machine learning techniques for detecting anomalies and cyberattacks in network traffic. A comparative analysis was conducted between a traditional rule-based intrusion detection method and a machine learning ensemble model. Using a full 2^3 factorial experimental design, the influence of three key factors—detector type, the use of a Threat Intelligence module, and network traffic load—on the F1-score was evaluated. The results show that the machine learning ensemble significantly improves detection accuracy (approximately 30% increase), while integrating external Threat Intelligence provides an additional performance gain (~7%). High traffic load, however, reduces detection quality by around 7%. Regression modelling and graphical interpretation confirmed that the detector type is the most influential factor. The findings demonstrate the effectiveness of machine learning-based approaches in intrusion detection systems and offer practical recommendations for enhancing cybersecurity solutions.</p>