Author(s) :

Yu Milan.

Volume/Issue :

Abstract :

Cyber-attacks continue to impose serious threats to modern digital systems, creating an urgent need for interpretable and effective methods in detecting intrusions. This study examines the use of network traffic features to predict cyber intrusions by specifically applying a regression-based quantitative framework. Using the publicly available NSL-KDD intrusion detection dataset, this study conducted a quantitative analysis with a total of 125,973 records of network connections that were labeled as either normal traffic or intrusion attempts. Connection duration, protocol type, number of failed login attempts, server-side error rate, and connection count were the five chosen network-level features to capture abnormal network behavior. A binary logistic regression model was employed to estimate the likelihood for a given network connection to be classified as an intrusion. When evaluating the model performance, accuracy, precision, recall and a confusion matrix were specifically utilized. The model achieved an overall accuracy of approximately 90.8%, with high precision and recall for detecting intrusion attempts. However, it shall be noted that simulated network traffic was used to derive NSLKDD dataset as a benchmark dataset. Therefore, the results primarily indicate methodological feasibility rather than deployment performance in the real-world setting. This indicated that the majority of attack attempts were identified correctly, while minimizing false alarms. These findings support how the simple mathematical models may be effective in detecting intrusions in the field of cyber-security and other applications, while highlighting the importance of transparent and quantitative approaches to intrusion detection. This study demonstrates that regression-based modeling may be effective in identifying cyber threats as an interpretable framework in the use of network traffic data.