
The primary aim of this project is to develop a machine learning-based system capable of detecting unusual patterns in network activity that may indicate cyberattacks or system vulnerabilities. Traditional intrusion detection systems often rely on predefined rules or static models, which limits their ability to respond to novel threats. This project addresses that limitation by applying One-Class Support Vector Machine (SVM), a powerful algorithm for anomaly detection, to network traffic data. The model learns the normal behavior of the system and flags deviations as potential threats. As more data is fed into it over time, it adapts and improves its accuracy, making it suitable for modern, dynamic cybersecurity environments. By the end of the project, students will deliver a functioning prototype that can process network data, detect anomalies, and raise alerts, providing practical insights into both cybersecurity and applied machine learning.
The project is structured across twelve weeks, starting with foundational concepts in machine learning and network security. In the early weeks, students will set up their development environment using tools like Python, Anaconda, or Google Colab, and gather network datasets with both normal and anomalous traffic patterns. These datasets will serve as the basis for training and testing the One-Class SVM model.
In the middle weeks, students will implement the detection model, integrate it with simulated or real network data, and analyze its accuracy. Libraries such as Scikit-learn and Pandas will be used for feature extraction, model training, and performance evaluation. During the later stages, efforts will focus on improving the model’s sensitivity to emerging threats, optimizing its accuracy, and ensuring efficient resource usage. Students will finalize the system, document their process, and present the working model as part of their team project. While the model cannot guarantee immediate detection of new threats, it will evolve as more data is fed into the system.
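The train-on-normal, flag-deviations workflow described above, as an added example that is not the project's own code. The flow features (log bytes, log packets, duration, distinct destination ports) and all sample values are constructed assumptions; it uses NumPy and Scikit-learn.

```python
import numpy as np
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import OneClassSVM

def make_normal_flows(n, rng):
    """Constructed 'normal' flows: moderate volume, short duration, few ports."""
    return np.column_stack([
        rng.normal(9.0, 0.8, n),   # log(bytes) per flow
        rng.normal(3.5, 0.5, n),   # log(packets) per flow
        rng.gamma(2.0, 1.5, n),    # duration in seconds
        rng.poisson(2, n) + 1,     # distinct destination ports per window
    ])

def make_anomalous_flows():
    """Constructed outliers: extreme port fan-out and unusually large transfers."""
    return np.array([
        [5.0, 6.5, 0.5, 400.0],    # many ports, tiny payloads
        [5.2, 6.8, 0.4, 650.0],
        [16.0, 9.5, 90.0, 1.0],    # very large, long-lived transfer
        [15.5, 9.0, 120.0, 2.0],
    ])

def train_detector(normal_train, nu=0.05):
    # The model is fitted on normal traffic only. nu upper-bounds the fraction
    # of training flows treated as outliers, so it roughly sets the alert
    # budget on normal traffic. Scaling matters: the RBF kernel is distance-based.
    model = make_pipeline(StandardScaler(),
                          OneClassSVM(kernel="rbf", gamma="scale", nu=nu))
    return model.fit(normal_train)

def evaluate(model, normal_test, anomalies):
    # predict() returns +1 for inliers and -1 for outliers.
    false_alert_rate = float(np.mean(model.predict(normal_test) == -1))
    detection_rate = float(np.mean(model.predict(anomalies) == -1))
    return false_alert_rate, detection_rate

def run_demo(seed=0):
    rng = np.random.default_rng(seed)
    model = train_detector(make_normal_flows(500, rng))
    return evaluate(model, make_normal_flows(200, rng), make_anomalous_flows())

if __name__ == "__main__":
    far, dr = run_demo()
    print(f"false alert rate on held-out normal flows: {far:.2%}")
    print(f"detection rate on constructed anomalies:  {dr:.2%}")
```

Reporting the false alert rate on held-out normal traffic alongside the detection rate shows the trade-off that `nu` controls; refitting on newer normal traffic is how the baseline is updated.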