XGBoost-SMOTE Framework for Real-Time Network Anomaly Threat Detection
DOI: https://doi.org/10.7492/9g39fe93
Abstract
This paper presents an AI-powered Network Traffic Anomaly Detection System designed to monitor and detect irregularities in network traffic patterns. Using machine learning, the system analyzes parameters such as packet counts, traffic volume, and transmission rate to identify anomalies such as data exfiltration, Distributed Denial of Service (DDoS) attacks, and unauthorized access. As network traffic grows exponentially, real-time threat detection has become vital. Traditional rule-based intrusion detection systems struggle to detect new or zero-day attacks. To address this, the proposed DeepDoSDetect framework integrates Extreme Gradient Boosting (XGBoost) with the Synthetic Minority Oversampling Technique (SMOTE) for accurate real-time DoS detection. Evaluation using ROC curves, feature importance plots, and confusion matrices confirms that the XGBoost-SMOTE model enhances accuracy, responsiveness, and scalability compared to conventional methods.














