Detecting Network Intrusions: Leveraging Neural Networks for Real-Time Anomaly Detection

Abstract

The rapid-fire growth of ultramodern network architectures, driven by IoT bias, pall-edge ecosystems, and high-speed communication technologies, has boosted the need for intrusion discovery systems able of operating in real time. Traditional hand-grounded IDS struggle to identify zero-day attacks, while numerous deep literacy models remain too computationally precious for deployment on resource-constrained platforms. This thesis presents a comprehensive intrusion discovery frame that combines featherlight neural networks, ONNX-optimized conclusion, temporal correlation analysis, and gradeboosting bracket to achieve effective, interpretable, and real-time trouble discovery. The first element introduces a compact neural network armature optimized through ONNX runtime and dynamic quantization to deliver sub-5 ms conclusion performance. Experimental evaluation on the UNSW-NB15 dataset demonstrates an average conclusion quiescence of 0.205 ms, achieving a nearly sixty-fold enhancement over LSTM-grounded nascence's. Although the system processes roughly 1389 packets per second, farther optimization of packet-sluice running is needed to completely meet highoutturn enterprise conditions. To strengthen conception against unseen pitfalls, a temporal-correlation characteristic medium is incorporated, enabling the frame to descry over 95% of zero-day attack patterns by using successional behavioral diversions rather than static point autographs. Completing the anomaly sensor, an XGBoostgrounded classifier is trained on CIC-IDS- 2017 business, achieving 99.61% delicacy and an F1-score of 0.98, therefore establishing a high-perfection birth for supervised intrusion discovery. Point-significance analysis identifies the most influential flux attributes, enabling a 30% reduction in point dimensionality without significant performance loss. It helps to improve quickly-drawn conclusions as well as better understandability of deep neural methods which are known for being a "black box" and have been the main shortcoming of these methods. Overall, the proposed frame successfully integrates real-time anomaly discovery, zero-day rigidity, and soluble machine knowledge. The study showed that by utilizing lightweight neural networks (feathery) in conjunction with classifiers using grade-boosting provide a practical and scalable approach for next generation intrusion detection systems for use in current network environments. Future research will focus on incorporating incremental learning, improving the ability to model time, and implementing the system on an actual edge device for real world testing.