KAVACH: A Multi-Class Machine Learning Based Intrusion Detection System
Abstract
Network security has become a pressing issue with the rapid growth of digital infrastructure. Conventional intrusion detection systems (IDS) are signature-based and simple, and cannot identify emerging cyber threats and new zero-day attacks. In this paper, the author describes an AI-based intrusion detection system called KAVACH, which combines machine learning, live network monitoring, structured database logging, and a web-based management dashboard. The system captures network traffic with Scapy, models connection-level characteristics in line with the NSL-KDD dataset, and classifies traffic with a Random Forest model. It supports real-time packet monitoring as well as CSV-based batch deep analysis. Detection events are persisted to a SQLite database for historical analysis, while a Flask-based dashboard provides visualization, user authentication, and report generation. Experimental data show a classification accuracy of more than 99 percent and a detection latency of less than 110 ms, which is comparatively good, and the system can identify various types of attacks such as DoS, Probe, U2R, and R2L. These results support KAVACH as an effective and efficient tool for use in real network setups.
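The abstract's step of modelling connection-level characteristics in line with NSL-KDD can be illustrated as follows. This is an added example, not KAVACH's code: the feature names (`duration`, `src_bytes`, `dst_bytes`, `flag`, `count`, `serror_rate`) come from NSL-KDD, while the function names, the simplified flag logic (only S0 counts as a SYN error) and the packet tuples, which stand in for fields a Scapy capture would supply, are assumptions.

```python
# Added example, not KAVACH code. Constructed packets: (time, src, sport, dst, dport, tcp_flags, payload_len).
PACKETS = [
    (0.00, "10.0.0.5", 40000, "10.0.0.9", 80, "S", 0),
    (0.01, "10.0.0.9", 80, "10.0.0.5", 40000, "SA", 0),
    (0.02, "10.0.0.5", 40000, "10.0.0.9", 80, "PA", 120),
    (0.05, "10.0.0.9", 80, "10.0.0.5", 40000, "PA", 900),
    (0.06, "10.0.0.5", 40000, "10.0.0.9", 80, "FA", 0),
    (0.07, "10.0.0.9", 80, "10.0.0.5", 40000, "FA", 0),
    (1.00, "10.0.0.7", 50001, "10.0.0.9", 22, "S", 0),
    (1.10, "10.0.0.7", 50002, "10.0.0.9", 23, "S", 0),
    (1.20, "10.0.0.7", 50003, "10.0.0.9", 25, "S", 0),
]

def connections(packets):
    """Group packets into connection records with NSL-KDD-style basic features."""
    conns = {}
    for ts, src, sport, dst, dport, flags, size in packets:
        key, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if key not in conns and rev not in conns:  # first packet defines the originator
            conns[key] = {"start": ts, "end": ts, "dst": dst, "src_bytes": 0,
                          "dst_bytes": 0, "orig": set(), "resp": set()}
        forward = key in conns
        c = conns[key if forward else rev]
        c["end"] = ts
        c["src_bytes" if forward else "dst_bytes"] += size
        c["orig" if forward else "resp"].update(flags)
    records = []
    for c in conns.values():
        if not c["resp"]:
            flag = "S0"    # SYN sent, no reply seen
        elif "R" in c["resp"]:
            flag = "REJ"   # responder reset the attempt
        elif "F" in c["orig"] and "F" in c["resp"]:
            flag = "SF"    # normal establishment and teardown
        else:
            flag = "OTH"
        records.append({"start": c["start"], "dst": c["dst"], "flag": flag,
                        "duration": round(c["end"] - c["start"], 2),
                        "src_bytes": c["src_bytes"], "dst_bytes": c["dst_bytes"]})
    return records

def add_traffic_features(records, window=2.0):
    """Add count and serror_rate over same-destination connections in the window."""
    for r in records:
        recent = [p for p in records if p["dst"] == r["dst"]
                  and 0 <= r["start"] - p["start"] <= window]
        r["count"] = len(recent)  # includes the current connection
        r["serror_rate"] = sum(p["flag"] == "S0" for p in recent) / len(recent)
    return records
```

Records shaped like this are what a classifier trained on NSL-KDD columns expects; the rising `count` and `serror_rate` on the unanswered SYNs is the pattern such features expose for scan-like traffic.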