Design and Development of an AI-Driven Network Defence System for Real-time Threat Detection, Prevention and Traffic Analysis
Olowu Oluwapelumi Angel *
Department of Computer Engineering, Faculty of Engineering, Edo State Univerity Iyamho, Auchi, Nigeria.
Ikharo A. Braimoh
Department of Computer Engineering, Faculty of Engineering, Edo State Univerity Iyamho, Auchi, Nigeria.
*Author to whom correspondence should be addressed.
Abstract
The increasing complexity of modern computer networks has revealed the limitations in traditional rule-based intrusion detection and prevention systems, particularly in identifying evolving and zero-day cyber threats. A simulation-based experimental approach was adopted using a virtual enterprise network built on the EVE-NG platform to generate and monitor both benign and malicious traffic. A Random Forest machine learning model was trained offline using the CICIDS2018 dataset following comprehensive data preprocessing, feature correlation analysis, and dimensionality reduction through Principal Component Analysis (PCA). The trained model was integrated into a Python-based real-time intrusion detection and prevention system that captures live network traffic and automatically blocks malicious sources. Experimental results demonstrate that the proposed system achieved an overall accuracy of 89%, precision of 91%, recall of 88%, and a low false positive rate (FPR) of 2%. These findings indicate that the proposed AI-based framework provides an effective balance between detection accuracy, computational efficiency, and real-time responsiveness. The study confirms the practical viability of machine learning-driven intrusion prevention systems for enterprise networks and provides a scalable foundation for future enhancements using advanced learning models and real-world deployment.
Keywords: Artificial intelligence, intrusion detection and prevention, network security, machine learning, random forest, real-time monitoring, CICIDS2018 dataset.