Enhancing Network Security Using Machine Learning-Based Anomaly Detection: A Random Forest Approach
Keywords:
Network Security, Anomaly Detection, Random Forest, Machine Learning, Flask, scikit-learn, Intrusion Detection, Cybersecurity, Ensemble Learning, Feature Engineering
Abstract
This research article presents a comprehensive investigation into ML-based network security anomaly detection using
a Random Forest ensemble classifier. Modern enterprise networks face escalating cyber threats—DDoS attacks,
intrusions, malware, phishing, and ransomware—that overwhelm traditional signature-based defenses. The proposed
system analyzes 18 network traffic features, including protocol, packet type, anomaly score, severity level, malware
indicators, IDS/IPS alerts, and firewall logs, to classify network packets into six distinct attack categories in real time.
A Random Forest Classifier with 100 estimators is trained on a synthetically generated dataset of 5,000 packets with
realistic, attack-specific feature distributions. Ten LabelEncoders transform categorical traffic attributes into
numerical representations suitable for tree-based classification. The full-stack web platform—built with Flask, scikit-learn,
SQLite, Bootstrap 5, and Chart.js—achieves 99.80% classification accuracy, outperforming Decision Tree
(97.40%), SVM (91.20%), Logistic Regression (89.60%), and Naive Bayes (82.40%) baselines. This paper details the
mathematical foundations of the Random Forest algorithm, the system architecture, the feature engineering pipeline,
algorithmic pseudocode, and a thorough result analysis with comparative tables and performance graphs.
License
Copyright (c) 2026 Authors

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.










