Comparative Analysis of Machine Learning Models for Cyber Attack Detection in Network Traffic Using Behavioral Network Features

Cyber-attacks pose a serious threat to modern network systems as the volume and complexity of network traffic continue to increase. Traditional security mechanisms often struggle to detect sophisticated attacks, which has led to the adoption of machine learning techniques for improving intrusion detection systems. This study presents a comparative analysis of four machine learning algorithms, namely Support Vector Machine, Random Forest, Gradient Boosting, and K Nearest Neighbors, for cyber-attack detection using network behavioral features. The dataset used in this research consists of 9,537 network sessions labeled as either normal traffic or attack traffic. The models were evaluated using accuracy, precision, recall, F1 score, and ROC AUC metrics. The experimental results show that Random Forest achieved the best overall performance with an F1 score of 0.853 and precision of 0.992, while Gradient Boosting achieved the highest ROC AUC value of 0.879. Feature importance analysis revealed that failed login attempts, IP reputation score, and login attempts are the most influential factors in identifying malicious activity. These findings indicate that ensemble learning models provide reliable performance for cyber-attack detection and can support the development of more effective machine learning based intrusion detection systems in network security environments.