Machine Learning-Based Network Intrusion Detection Using NetFlow Traffic Analysis with Linear Kernel PCA
Contributors
Suriya Prakash J
Mashael M Khayyat
Keywords
Proceeding
Track
Engineering and Sciences
License
Copyright (c) 2026 Sustainable Global Societies Initiative

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Abstract
The growth of computer networks has led to complex and voluminous network traffic, which has increased exposure to cyber threats. Old intrusion detection systems, which rely on signatures, struggle to detect attacks. This study proposes a system that uses machine learning and NetFlow data to improve detection. The system uses 1,048,575 labeled network flow records with 53 features. These features describe communication sessions, and the data has multiple dimensions and potential redundancies. To simplify it, linear kernel principal component analysis (KPCA) was used. KPCA reduced complexity while keeping traffic patterns, which helped remove correlated attributes and improve model stability. Several classification algorithms were tested: decision tree, k-nearest neighbors, gradient boosting, CatBoost, LightGBM, linear discriminant analysis and logistic regression. Different train-test splits were used. The results show that the decision tree classifier works best: it achieved an accuracy of 95.18% with the 0.2 split. The models performed well across data distributions, which confirms that the proposed framework is effective. The findings suggest that combining flow-based analysis with linear kernel PCA and machine learning can create an intrusion detection system that is suitable for large-scale network environments. The system is efficient and scalable. It can handle network traffic, and the approach can detect evolving attacks. It overcomes the limitations of intrusion detection systems.
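The following added example (not the authors' code) shows how linear kernel PCA removes correlated flow attributes, the step the abstract credits for reduced complexity. It assumes NumPy and a constructed six-field flow table in place of the study's 53 features; all field names and values are made up for illustration, and the classifier stage is omitted.

```python
import numpy as np

def make_flows(n=300, seed=7):
    """Constructed flow table: 3 independent fields plus 3 redundant ones."""
    rng = np.random.default_rng(seed)
    duration = rng.exponential(2.0, n)          # seconds
    in_pkts = rng.poisson(40, n).astype(float)
    out_pkts = rng.poisson(25, n).astype(float)
    in_bytes = 512.0 * in_pkts                  # redundant with in_pkts
    out_bytes = 256.0 * out_pkts                # redundant with out_pkts
    total_pkts = in_pkts + out_pkts             # linear combination of two fields
    return np.column_stack([duration, in_pkts, out_pkts,
                            in_bytes, out_bytes, total_pkts])

def linear_kpca(X, var_keep=0.999):
    """Linear-kernel PCA via the centred Gram matrix K = X X^T."""
    X = (X - X.mean(axis=0)) / X.std(axis=0)    # standardise each feature
    K = X @ X.T                                 # linear kernel k(x, y) = x . y
    n = K.shape[0]
    J = np.eye(n) - np.ones((n, n)) / n
    Kc = J @ K @ J                              # centre in feature space
    vals, vecs = np.linalg.eigh(Kc)             # eigenvalues in ascending order
    vals = np.clip(vals[::-1], 0.0, None)       # descending; clip round-off negatives
    vecs = vecs[:, ::-1]
    ratio = np.cumsum(vals) / vals.sum()
    k = int(np.searchsorted(ratio, var_keep)) + 1   # smallest k reaching var_keep
    Z = vecs[:, :k] * np.sqrt(vals[:k])         # component scores per flow
    return Z, vals[:k] / vals.sum()

def max_offdiag_corr(Z):
    """Largest absolute correlation between two different components."""
    c = np.corrcoef(Z.T)
    return float(np.abs(c - np.eye(c.shape[0])).max())

if __name__ == "__main__":
    X = make_flows()
    Z, ratio = linear_kpca(X)
    print(X.shape, "->", Z.shape, "explained:", ratio.round(3))
    print("max correlation between components:", max_offdiag_corr(Z))
```

The six constructed columns span only three independent directions, so three components carry all of the variance, and the component scores are mutually uncorrelated before they reach a classifier.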