INTELLIGENT CYBER THREAT DETECTION AND ALERT SYSTEM

Authors

  • Aishwarya Naik
  • V. Anuradha Nikitha
  • B. Kesava
  • Y. Karthik
  • G. Varoudhini

DOI:

https://doi.org/10.62643/ijerst.2026.v22.n1(2).pp269-274

Keywords:

Anomaly Detection; Cybersecurity; Hybrid Intrusion Detection; Isolation Forest; Random Forest; Temporal Analysis; Threat Intelligence.

Abstract

This paper presents a hybrid, real-time cybersecurity threat detection platform for network flow analysis. The system combines a supervised Random Forest classifier, an unsupervised Isolation Forest anomaly detector, and five deterministic baseline rules to classify network flows across five attack categories: DoS, DDoS, Port Scanning, Web Attacks, and Infiltration. A rolling-window temporal analysis module detects burst and persistent attack campaigns across 5-minute, 1-hour, and 24-hour windows. VirusTotal Cyber Threat Intelligence (CTI) enrichment and a four-tier priority fusion engine (P0-P3) enable structured analyst triage. Evaluated on the ISCX CICIDS2017 benchmark, the Random Forest achieves 86.7% accuracy, 92.0% precision, 82.6% recall, and an F1-score of 87.1%. The platform is deployed as a FastAPI backend with a React dashboard, achieving sub-100 ms detection latency per flow.

Published

31-03-2026

How to Cite

INTELLIGENT CYBER THREAT DETECTION AND ALERT SYSTEM. (2026). International Journal of Engineering Research and Science & Technology, 22(1(2)), 269-274. https://doi.org/10.62643/ijerst.2026.v22.n1(2).pp269-274