An intelligent Network Intrusion Detection System powered by advanced machine learning algorithms. This professional-grade application monitors network traffic in real-time, detects suspicious activity and known threats, and provides comprehensive analytics through an intuitive Streamlit interface. Built with multiple ML models including Random Forest, Gradient Boosting, SVM, and Neural Networks for superior threat detection accuracy.

The Advanced AI NIDS comes packed with professional features:

• 🤖 Multi-Model Machine Learning: Train and compare 4 powerful ML algorithms simultaneously (Random Forest, Gradient Boosting, SVM, Neural Network)
• 📊 Real-Time Traffic Analysis: Live detection and classification of network traffic with instant threat alerts
• 📈 Advanced Analytics Dashboard: Interactive visualizations including ROC curves, precision-recall curves, confusion matrices, and feature importance analysis
• 🎯 Multi-Model Consensus: Get predictions from all models simultaneously for higher confidence in threat detection
• 📁 Flexible Data Input: Support for CIC-IDS2017 dataset or built-in simulated network traffic data
• 📜 Training History & Reports: Track model performance over time and export comprehensive analysis reports
• 🎨 Modern UI/UX: Professional dark mode interface with responsive design and interactive components
• ⚡ High Performance: Optimized for fast training and real-time predictions with parallel processing

Your project directory should look like this:

Network-Intrusion-Detection/
│
├── nids_app.py               # Main Streamlit application
├── requirements.txt          # Python dependencies
│
└── Datasets/                 # Place your CSV files here
    ├── Friday-WorkingHours-Afternoon-DDos.pcap_ISCX.csv
    ├── Monday-WorkingHours.pcap_ISCX.csv
    └── ... (other CIC-IDS2017 CSV files)

Follow these steps to set up the project environment and install the necessary dependencies.

First, clone the project repository from GitHub to your local machine and navigate into the project directory.

git clone https://github.com/Jarvis1337/Network-Intrusion-Detection.git
cd Network-Intrusion-Detection

For real-world network traffic analysis, download the CIC-IDS2017 dataset:

• Visit the CIC-IDS2017 Dataset Page
• Download the CSV files for different days/attack types
• Extract and place all CSV files in the Datasets/ folder

It is highly recommended to use a virtual environment to manage dependencies for this project. This keeps your project libraries isolated from your global Python installation.

• Run the following command to create a virtual environment named venv:

python -m venv venv

Once the virtual environment is created, you need to activate it. The command differs depending on your operating system.

• For Linux / macOS (Bash/Zsh):

source venv/bin/activate

• For Windows (PowerShell):

# Optional: Run this if you get a permission error
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process

# Activate the environment
.\venv\Scripts\activate

• For Windows (Command Prompt):

.\venv\Scripts\activate.bat

With the virtual environment active, install all the required Python packages listed in the requirements.txt file using pip:

pip install -r requirements.txt

This will install the following packages:

• matplotlib==3.10.8 - For plotting and visualizations
• numpy==2.4.0 - For numerical computations
• pandas==2.3.3 - For data manipulation
• scikit-learn==1.8.0 - For machine learning algorithms
• seaborn==0.13.2 - For statistical visualizations
• streamlit==1.52.2 - For web interface
• plotly==6.5.0 - For interactive charts

• To start the Network Intrusion Detection System interface, use the streamlit command pointing to the main application file:

streamlit run nids_app.py

• After running the command, Streamlit will start a local server
• Open your web browser and navigate to the URL shown in the terminal (typically http://localhost:8501)
• The NIDS dashboard will load with a professional interface

• 📁 Dataset Selection: Choose a CSV file from your Datasets folder, or use simulated data
• 🤖 Model Selection: Select one or more ML models to train (Random Forest, Gradient Boosting, SVM, Neural Network)
• 📊 Training Options: Adjust simulated data size (1000-5000 samples)

• Click the "🚀 Train Models Now" button in the sidebar
• Wait for models to train (progress bar will show training status)
• View results across multiple tabs

• 📊 Dataset Overview: View dataset statistics, sample data, and attack distribution
• 🤖 Model Performance: Compare accuracy, precision, recall, F1-score, and confusion matrices
• 📈 Advanced Analytics: Analyze ROC curves, precision-recall curves, feature importance, and correlations
• 🔴 Live Detection: Test real-time traffic detection with custom parameters or multi-model consensus
• 📜 History & Reports: Track training history, export results to CSV, and view system statistics

The system supports four powerful machine learning algorithms:

The system can detect the following types of network intrusions:

• DDoS (Distributed Denial of Service)
• DoS (Denial of Service)
• PortScan (Port Scanning)
• BruteForce (Brute Force Attacks)
• **And more from CIC-IDS2017 dataset

• Start with Random Forest and Gradient Boosting for optimal performance
• Use the Multi-Model Consensus feature for higher confidence predictions
• Train with real CIC-IDS2017 data for production-grade accuracy
• Regularly export training history to track model improvements
• Monitor the Live Detection tab for real-time threat analysis

Contributions, issues, and feature requests are welcome! Feel free to check the issues page.

⭐ If this project helped you, please consider giving it a star on GitHub!

Network-Intrusion-Detection (NIDS) © 2026 by ~Jarvis is licensed under GNU General Public License v3.0 and Attribution 4.0 International