---
title: Network Intrusion Detection System
colorFrom: blue
colorTo: red
sdk: gradio
sdk_version: 4.0.0
app_file: app.py
pinned: false
license: mit
tags:
- ml-intern
---

# 🛡️ Network Intrusion Detection System (NIDS)

Real-time network intrusion detection using ML & Deep Learning models trained on the NSL-KDD dataset.

## Models
- **XGBoost** (best) — Accuracy 76.18%, AUC-ROC 95.75%
- **Random Forest** — Accuracy 73.10%, AUC-ROC 95.34%
- **MLP** — Deep learning baseline
- **Autoencoder** — Unsupervised anomaly detection
- **LSTM** — Sequential feature modeling
- **Transformer** — FlowTransformer-style architecture

## Dataset
[NSL-KDD](https://huggingface.co/datasets/Mireu-Lab/NSL-KDD) — 185K records, 41 features, binary classification (normal/anomaly)

## Usage

### REST API (FastAPI)
```bash
pip install fastapi uvicorn
uvicorn api:app --host 0.0.0.0 --port 8000
```

Endpoints:
- `GET /health` — Health check
- `GET /models` — List models
- `POST /predict` — Single flow detection
- `POST /predict/batch` — Batch detection
- `GET /stats` — Usage statistics

### Gradio UI
```bash
python app.py
```

## API Example
```bash
curl -X POST http://localhost:8000/predict \
  -H "Content-Type: application/json" \
  -d '{"features":[0,1,45,0,491,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,1,0,0,0,2,2,0,0,0,0,1,0,0,0,0.17], "model":"XGBoost"}'
```

## Results
| Model | Accuracy | Macro F1 | AUC-ROC | Type |
|-------|----------|----------|---------|------|
| XGBoost | 76.18% | 76.04% | 95.75% | Supervised |
| RandomForest | 73.10% | 73.05% | 95.34% | Supervised |
| MLP | 73.28% | 73.21% | 89.33% | Supervised |
| Autoencoder | 71.84% | 71.34% | 73.60% | Unsupervised |
| LSTM | 70.65% | 70.58% | 87.80% | Unsupervised |
| Transformer | 57.94% | 57.26% | 80.29% | Supervised |
| IsolationForest | 56.55% | 55.96% | 65.24% | Unsupervised |

## Project Structure
```
nids_project/
├── api.py           # FastAPI REST API
├── app.py           # Gradio web UI (this Space)
├── data_loader.py   # Dataset loading
├── ml_models.py     # ML implementations
├── dl_models.py     # DL implementations
├── realtime.py      # Real-time pipeline
├── realtime_batch.py # Batch throughput benchmark
├── Dockerfile       # Container image
└── requirements.txt # Dependencies
```