A Robust and Scalable Machine Learning Based Network Intrusion Detection System for Real-Time Threat Detection in High-Volume Networks
Abstract
This paper presents the design and implementation of a hybrid Network Intrusion Detection System (NIDS) that leverages both machine learning (ML) and deep learning (DL) techniques to achieve high‐precision, real‐time threat detection and classification. By combining anomaly‐based and signature‐based approaches, the system continuously monitors network features—such as IP addresses, packet patterns, and throughput—and distinguishes normal traffic from malicious activity with minimal false alarms. During development, four ML algorithms (Random Forest, support vector machine, and XGBoost) and two DL architectures (convolutional neural network, artificial neural network) were evaluated; XGBoost and an artificial neural network (ANN) achieved the highest standalone accuracies. These two models were then integrated into a unified hybrid framework, yielding an overall detection accuracy of 96.0%. The NIDS is delivered as an intuitive web application built with Flask, enabling security analysts to visualize alerts, inspect detailed threat classifications, and respond swiftly. Experimental results demonstrate that this hybrid approach not only accelerates detection but also enhances classification granularity, making it a practical tool for strengthening modern network defenses.

Keywords: Anomaly-based detection, Artificial neural network, Convolutional neural network, Deep learning, XGBoost