An Enhanced Intrusion Detection Architecture Using ML-Based Anomaly Detection on Large-Scale Data
Abstract
Intrusion detection (ID) has become a major issue for safe and dependable communication infrastructure due to the accelerating pace of large-scale networked systems and the mounting sophistication of cyber-attacks. This article discusses an ID architecture for very large network data that is based on machine learning (ML)-driven anomaly detection. The proposed method uses the Synthetic Minority Oversampling Technique (SMOTE), data processing, data cleaning, data normalization, label encoding, and class balancing to enhance data quality and address class imbalance. A Random Forest (RF) classifier serves as the primary detection model due to its robustness, its capacity for ensemble learning, and its ability to handle high-dimensional data. An intrusion detection system (IDS) is another tool used to identify intrusions when users and servers exchange sensitive data. The RF model would be the most effective among the other ML and deep learning (DL) models due to its accuracy, which implies that this model could capture unusual and dangerous network activity. The experimental findings prove that the proposed architecture is an effective, scalable, and reliable method of detecting anomalies in large-scale network systems.
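The preprocessing steps named in the abstract (label encoding, normalization, SMOTE class balancing) can be sketched as follows. This is an added example, not the authors' code: the flow records, feature columns and function names are constructed for illustration, only the two-class case is handled, and the Random Forest stage is left out.

```python
import math
import random

# Constructed sample flows: (duration_s, bytes, packets, label). Not real traffic.
FLOWS = [
    (0.2, 300, 4, "normal"), (0.4, 520, 6, "normal"), (0.3, 410, 5, "normal"),
    (0.5, 640, 7, "normal"), (0.1, 250, 3, "normal"), (0.6, 700, 8, "normal"),
    (0.3, 380, 5, "normal"), (0.2, 330, 4, "normal"),
    (9.0, 90000, 900, "attack"), (8.0, 70000, 800, "attack"), (9.5, 95000, 950, "attack"),
]

def encode_labels(labels):
    """Label encoding: map each class name to an integer."""
    mapping = {name: i for i, name in enumerate(sorted(set(labels)))}
    return [mapping[name] for name in labels], mapping

def min_max_normalize(rows):
    """Normalization: scale every feature column to [0, 1]."""
    cols = list(zip(*rows))
    lo, hi = [min(c) for c in cols], [max(c) for c in cols]
    return [[(v - a) / (b - a) if b > a else 0.0 for v, a, b in zip(r, lo, hi)]
            for r in rows]

def smote(minority, n_new, k=2, seed=0):
    """Build n_new synthetic points, each on the segment between a minority
    sample and one of its k nearest minority neighbours."""
    rng = random.Random(seed)
    out = []
    for _ in range(n_new):
        base = rng.choice(minority)
        near = sorted((p for p in minority if p is not base),
                      key=lambda p: math.dist(base, p))[:k]
        other, gap = rng.choice(near), rng.random()
        out.append([b + gap * (o - b) for b, o in zip(base, other)])
    return out

def balance(X, y, minority_label, k=2, seed=0):
    """Oversample the minority class until both classes are equal (binary case)."""
    minority = [x for x, lab in zip(X, y) if lab == minority_label]
    deficit = len(y) - 2 * len(minority)
    new = smote(minority, max(deficit, 0), k, seed)
    return X + new, y + [minority_label] * len(new)

def prepare(flows=FLOWS):
    """Run encoding, normalization and balancing on the training rows only."""
    y, mapping = encode_labels([f[-1] for f in flows])
    X = min_max_normalize([list(f[:-1]) for f in flows])
    return balance(X, y, mapping["attack"]) + (mapping,)
```

Oversampling belongs after the train/test split, so that synthetic points never reach the evaluation data and inflate the measured accuracy.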