krithick-rk/Network_Traffic_Analyzer

🛡️ AI-Powered Network Intrusion Detection System (NIDS)

A state-of-the-art Network Intrusion Detection System that merges high-accuracy Machine Learning with Explainable AI (XAI). It provides security administrators with real-time visibility into network threats, complete with automated reasoning and mitigation suggestions.

🌟 Premium Features

🔍 Real-Time Intelligent Sniffing

  • Vectorized Analysis: High-throughput packet processing engine using Scapy and NumPy.
  • Protocol Agnostic: Analyzes TCP, UDP, and ICMP traffic with deep feature extraction.
  • Hardware-Optimized: Automatic mapping to physical network adapters (WiFi/Ethernet) on Windows and Linux.

🧠 Dual-Engine AI Core

  • The Classifier: A RandomForest model trained on 2M+ flows for identifying known attack patterns (DDoS, Probe, PortScan, etc.).
  • The Guardian: An IsolationForest unsupervised model for detecting zero-day anomalies that don't match known signatures.
  • Global Feature Schema: Standardized 6-feature pipeline (duration, counts, bytes, ports, protocols) for cross-dataset compatibility.
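How the unsupervised half of this design can single out a flow that matches no known label, as an added example that is not the project's code: a from-scratch isolation forest in plain Python over six flow features. The feature names and their order, the constructed baseline flows, and every function name here are assumptions; the README only lists the feature categories.

```python
import math
import random

# Assumed column order for the README's six-feature schema (names are hypothetical).
FEATURES = ("duration", "packets", "bytes", "src_port", "dst_port", "protocol")

def c(n):
    """Expected path length of an unsuccessful BST search over n points."""
    if n <= 1:
        return 0.0
    return 1.0 if n == 2 else 2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n

def build(rows, depth, limit, rng):
    """Grow one isolation tree: random non-constant feature, random cut point."""
    usable = [f for f in range(len(FEATURES))
              if len(rows) > 1 and min(r[f] for r in rows) < max(r[f] for r in rows)]
    if depth >= limit or not usable:
        return ("leaf", len(rows))
    f = rng.choice(usable)
    cut = rng.uniform(min(r[f] for r in rows), max(r[f] for r in rows))
    return ("node", f, cut,
            build([r for r in rows if r[f] < cut], depth + 1, limit, rng),
            build([r for r in rows if r[f] >= cut], depth + 1, limit, rng))

def fit(rows, trees=100, sample=64, seed=7):
    """Fit on baseline flows (at least two rows); each tree sees a small subsample."""
    rng = random.Random(seed)
    psi = min(sample, len(rows))
    limit = math.ceil(math.log2(psi))
    return psi, [build(rng.sample(rows, psi), 0, limit, rng) for _ in range(trees)]

def score(forest, flow):
    """Anomaly score in (0, 1); short average paths (easy isolation) score high."""
    psi, trees = forest
    total = 0.0
    for node in trees:
        depth = 0
        while node[0] == "node":
            node = node[3] if flow[node[1]] < node[2] else node[4]
            depth += 1
        total += depth + c(node[1])  # leaf size stands in for the unbuilt subtree
    return 2 ** (-(total / len(trees)) / c(psi))

def constructed_baseline(n=300, seed=1):
    """Constructed benign-looking flows (not real traffic) in FEATURES order."""
    rng = random.Random(seed)
    return [(rng.uniform(0.05, 2.0), p, p * rng.randint(400, 900),
             rng.randint(49152, 65535), rng.choice((53, 80, 443)), rng.choice((6, 17)))
            for p in (rng.randint(5, 40) for _ in range(n))]
```

Fit with `fit(constructed_baseline())` and pass a six-value tuple to `score`; because cuts are drawn within each feature's own range, byte counts and port numbers need no rescaling before scoring.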

📊 Explainable Security Dashboard

  • SHAP Integration: Visualizes exactly why a flow was flagged, highlighting the most suspicious features.
  • Activity Heatmaps: Continuous D3.js-powered traffic monitoring.
  • Live Notifications: Instant alerts in the unified security feed for critical threats.

🏗️ Project Structure

📂 Network Traffic Analyzer
├── 📂 backend           # FastAPI + ML Engine
│   ├── 📂 app           # API Routing & Schemas
│   ├── 📂 data          # SQL Databases & ML Artifacts
│   ├── 📂 models        # Trained .pkl Model Files
│   ├── 📂 services      # Core logic (Capture, Model, Alerts)
│   ├── 📂 utils         # Standardized Data Cleaning & AI Schemas
│   └── 📂 tests         # Security & Unit Tests
├── 📂 frontend          # React + Vite Dashboard
│   ├── 📂 src/components # Reusable UI Modules
│   ├── 📂 src/pages      # Dashboard Views
│   └── 📂 src/services   # API Connectivity Layer
├── 📂 docker            # Deployment configurations
└── 📄 Makefile          # Unified project management

🚀 Quick Start Guide

1. Project Installation

Use the provided Makefile to set up both environments automatically:

make install

2. Configure Environment

Create your .env file from the provided example:

cp .env.example .env
# Set VITE_API_URL=http://localhost:8000

3. Start the Engines

In two separate terminals, launch the backend and frontend:

Backend:

make dev-backend

Frontend:

make dev-frontend

🛠️ Deployment (Docker)

For production-ready deployment with a single command:

make up

📝 Training Custom Models

If you have custom PCAP datasets, place them in backend/data/raw/ and run:

make train

Important

Windows Users: Ensure you have Npcap or WinPcap installed for the real-time sniffer to access network hardware. Download it at npcap.com.

© 2026 NIDS Team | Optimized for SOC Level 2/3 Environments

About

Real-time AI-powered Network Intrusion Detection System with multi-model threat detection (Random Forest + Isolation Forest), explainable AI (SHAP), and an interactive cybersecurity dashboard
