Dataset Overview

This project employs the CICIDS2017 network‑traffic dataset for machine‑learning‑based malicious traffic identification.

Libraries Used

Import Libraries – load pandas, seaborn, matplotlib, etc.
Read Data – use pandas.read_csv() to load CSV files for different dates.
Data Cleaning:
- Handle missing values (e.g., drop rows or impute with mean/median).
- Remove irrelevant columns.
- Encode categorical features (e.g., label encoding).
- Reduce memory usage (e.g., adjust dtypes).
- Drop features with a single unique value.
Dimensionality Reduction (optional) – apply PCA or t‑SNE for visualization.
Feature Selection – analyze feature importance and select relevant features for model training.

Distribution Analysis – use bar charts, histograms to explore feature distributions across traffic types (benign, DoS, etc.).
Correlation Analysis – heatmaps to identify relationships between features and target variable.
Class Imbalance – assess imbalance in traffic types; if present, apply oversampling techniques such as SMOTE.

Data Split – use train_test_split to divide data into training and testing sets.
Model Selection – choose classification models (e.g., Random Forest). GPU‑accelerated options like cuml may be considered.
Training – train the model on the training set.
Evaluation – assess performance using accuracy, confusion matrix, classification report.

Present Results – report accuracy, confusion matrix, classification report.
Discuss Findings – analyze strengths, weaknesses, and impact of feature selection.
Future Work – outline potential improvements and further research directions.

The code is organized by functionality: data preprocessing, feature engineering, model training, and evaluation, with comments explaining each section.