Machine Learning Based Cyber Attack Detection in Network Systems Using Network Session Behavioral Features

The rapid growth of cyber-attacks and network-based threats has created significant challenges for maintaining secure digital infrastructures. Traditional security mechanisms often struggle to detect sophisticated and evolving attack patterns, making intelligent detection systems increasingly important. This study investigates the application of machine learning techniques for detecting malicious network activities using network session data. The dataset used in this research consists of 9,537 network session records containing multiple behavioral and contextual features such as network packet size, login attempts, session duration, encryption usage, IP reputation score, and browser type. Three supervised machine learning models were evaluated, including Random Forest, Gradient Boosting, and Multi-Layer Perceptron Neural Network. The models were assessed using several evaluation metrics including accuracy, precision, recall, F1 score, ROC AUC, and Precision Recall AUC to provide a comprehensive performance evaluation. Experimental results demonstrate that the Gradient Boosting model achieved the best performance with the highest F1 score and ROC AUC values, indicating strong capability in distinguishing between normal and malicious network activities. Feature importance analysis further revealed that failed login attempts, login attempts, and IP reputation score are the most influential indicators for detecting cyber-attacks. The findings of this study highlight the effectiveness of ensemble-based machine learning approaches for cyber threat detection and provide practical insights for developing intelligent intrusion detection systems in modern network environments.