Authors: Arjun Raju Polenwar, M. Adarsh Ram, Kembasaram Harini, Dr. G. Venkanna
Abstract: The exponential growth in network traffic volume, velocity, and heterogeneity has rendered manual threat monitoring operationally infeasible for modern enterprise, cloud, and hybrid infrastructures. Conventional signature-based intrusion detection systems (IDS) perform reliably for catalogued attack fingerprints but exhibit critical detection gaps when confronted with polymorphic, obfuscated, or zero-day attack behaviors that have no prior signature representation. This paper presents an anomaly-driven intrusion detection framework grounded in Isolation Forest — an unsupervised machine learning algorithm that isolates statistically rare patterns in high-dimensional data without requiring labeled attack samples during training. The proposed system integrates data ingestion, feature preprocessing, model training, anomaly scoring, quantitative evaluation, and dashboard-based visual reporting into a single reproducible end-to-end pipeline. Validation on an NSL-KDD based benchmark dataset comprising 22,543 records and 42 attributes yields Accuracy = 0.730, Precision = 0.799, Recall = 0.702, and F1-score = 0.747 under label-aware evaluation. These results confirm that a computationally lightweight unsupervised model can serve as an effective first-stage network threat detector while preserving operational interpretability and deployment feasibility.
International Journal of Science, Engineering and Technology
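
The train-without-labels, score, then label-aware-evaluate flow the abstract describes can be sketched as follows; this is an added, dependency-free example, not the authors' code, and it does not reproduce the paper's figures. Assumptions: the three feature columns (stand-ins for `duration`, `src_bytes`, `count`), the constructed synthetic traffic, the 5% contamination cutoff, and all function names.

```python
import math, random

def c(n):
    """Expected path length of a failed BST search over n points (normaliser)."""
    if n <= 1:
        return 0.0
    return 1.0 if n == 2 else 2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n

def grow(rows, depth, limit, rng):             # random feature, random cut point
    if depth >= limit or len(rows) <= 1:
        return len(rows)                       # leaf: number of points left
    f = rng.randrange(len(rows[0]))
    lo, hi = min(r[f] for r in rows), max(r[f] for r in rows)
    if lo == hi:
        return len(rows)
    cut = rng.uniform(lo, hi)
    return (f, cut, grow([r for r in rows if r[f] < cut], depth + 1, limit, rng),
            grow([r for r in rows if r[f] >= cut], depth + 1, limit, rng))

def path(tree, x, depth=0):
    if isinstance(tree, int):                  # leaf: add estimate for unsplit points
        return depth + c(tree)
    f, cut, left, right = tree
    return path(left if x[f] < cut else right, x, depth + 1)

def fit(rows, trees=100, psi=64, seed=7):
    rng = random.Random(seed)
    limit = math.ceil(math.log2(psi))          # height cap: short paths matter most
    return [grow(rng.sample(rows, psi), 0, limit, rng) for _ in range(trees)], psi

def score(model, x):
    forest, psi = model                        # score near 1 = easy to isolate
    return 2 ** (-sum(path(t, x) for t in forest) / len(forest) / c(psi))

def evaluate(flags, labels):
    tp = sum(f and l for f, l in zip(flags, labels))
    acc = sum(f == l for f, l in zip(flags, labels)) / len(labels)
    p, r = tp / max(sum(flags), 1), tp / max(sum(labels), 1)
    return {"accuracy": acc, "precision": p, "recall": r, "f1": 2 * p * r / max(p + r, 1e-9)}

def run_demo(contamination=0.05):
    rng = random.Random(1)                     # constructed data, not NSL-KDD
    normal = [(rng.gauss(2, 1), rng.gauss(300, 60), rng.gauss(8, 3)) for _ in range(300)]
    odd = [(rng.uniform(50, 300), rng.uniform(2e4, 9e4), rng.uniform(200, 500)) for _ in range(15)]
    rows, labels = normal + odd, [False] * 300 + [True] * 15
    model = fit(rows)                          # labels are never seen in training
    scores = [score(model, x) for x in rows]
    cutoff = sorted(scores, reverse=True)[round(contamination * len(rows)) - 1]
    return scores, labels, evaluate([s >= cutoff for s in scores], labels)
```

The labels enter only in `evaluate`, which is what makes the evaluation label-aware while the model itself stays unsupervised.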