Comparative Performance Evaluation of Machine Learning Algorithms for Cyber Intrusion Detection


Abstract

Continuing development of network technologies and the escalation of cyber threats have heightened the requirement for Intrusion Detection System (IDS) solutions. Two issues may remain a challenge for IDS techniques developed within the scope of traditional approaches: the accuracy of detection and the applicability of measures in the face of evolving threats. This paper focuses on comparing ten machine learning algorithms (Artificial Neural Network (ANN), K-Nearest Neighbors (K-NN), Naive Bayes (NB), Random Forest (RF), Decision Tree (DT), Logistic Regression (LR), Support Vector Machine (SVM), Gradient Boosting (GB), AdaBoost (AB), and XGBoost) using the CICIDS2017 dataset, which represents a wide array of network intrusions in traditional network environments. The main purpose of this research is to measure the efficiency of these algorithms across different attacks in order to develop a real-time intrusion detection system. The performance of each model is further evaluated by examining several metrics. The results show that XGBoost, followed by other ensemble-based models, including Random Forest and Gradient Boosting, provide almost 100% detection rates, making them some of the best models for tackling large and skewed data sets. These algorithms achieved high accuracy across the board, including in identifying the minority attack classes that are so relevant in a good IDS. On the other hand, algorithms such as Naive Bayes and AdaBoost underperformed in discovering specific types of attacks, suggesting they are infeasible for intricate intrusion detection problems without further enhancement. Traditional algorithms such as SVM and Logistic Regression showed good overall accuracy but faced challenges with minority classes, highlighting the need for advanced techniques to improve their performance.
This analysis underscores the strengths and limitations of different machine learning algorithms in detecting sophisticated cyber threats within traditional network architectures. The findings provide valuable insights for selecting optimal models in designing robust and scalable intrusion detection systems for current and next-generation networks. Future work should focus on addressing class imbalance and enhancing model generalization to improve detection rates for underrepresented attack types, thereby strengthening the overall security posture against emerging cyber threats.
