PERFORMANCE EVALUATION OF ML-BASED ANOMALY DETECTION TECHNIQUES IN NETWORK SECURITY

Network security has become a key issue in cybersecurity, and this has forced organizations to protect their valuable
resources and sensitive information against dynamic cyber threats. This literature review explains the field's transformation by
examining research trends, methodologies, challenges, and achievements that have led to the development of anomaly detection
systems. The digital age is evolving rapidly, and one solution to the growing, increasingly advanced cybercrimes is the use of
anomaly detection to improve network security. The paper proposes a CNN-based intrusion detection model using the UNSWNB15
dataset. The used methodology includes a large portion of preprocessing, which includes data cleaning, normalization of Zscores,
Min-max scaling, the selection of features based on the Select-K-Best tool, and balancing of classes by using the SMOTE
technique to preserve the quality of data and model strength. The model was trained and evaluated based on an 80/20-percent
dataset division, accuracy (ACC), precision (PRE), recall (REC), F1-score (F1), confusion matrix, and ROC-AUC. The
experimental results have demonstrated that the CNN model had an accuracy of 98.73% and precision of 96.61% and recall of
96.44, and F1-score of 93.98 with an ROC-AUC of 0.98 and hence good discriminative performance. The proposed CNN model
was more reliable and effective than LSTM, Extreme Trees (ET), and Logistic Regression (LR) for detecting network security
anomalies.