Abstract
This paper presents a machine learning-based ap-
proach for network intrusion detection. It relies on a fast binary
classifier to quickly distinguish between benign and malicious
traffic, being the actual type of attack detected in an independent
second stage. The model was trained and evaluated using a
benchmark dataset that combines the well known CIC-IDS2017,
CIC-IDS2018, and UNSW-NB15 datasets, following extensive pre-
processing and exploratory data analysis. We compared multiple
algorithms (Neural Networks, XGBoost, Random Forest, and
Logistic Regression) based on standard metrics like precision,
F1 score, ROC-AUC, and inference time, among others. Ex-
perimental results show that XGBoost consistently achieves the
best balance between classification performance and deployment
efficiency.
