APPLYING ARTIFICIAL INTELLIGENCE METHODS TO DETECT NETWORK TRAFFIC ANOMALIES

Authors: Ordabayeva G., Beketova A., Dzhsupbekova G., Baispay G.
IRSTI 28.23.01

Abstract. The development of information technology continues to highlight the importance of securing information resources. The growing number and variety of information threats complicates the detection of attacks. The objective of the study is to apply artificial intelligence methods to attack detection while minimizing the number of traffic features needed to achieve the required detection quality. Training an AI model requires a high-quality dataset that allows attack features in network traffic to be identified accurately. The proposed approach uses an AI model trained on the UNSW-NB15 dataset, which includes nine types of network attacks: Fuzzers, Analysis, Backdoors, DoS, Exploits, Generic, Reconnaissance, Shellcode, and Worms. The implementation uses Python with the PyTorch and Pandas libraries for data processing. The performance of the software module was analyzed, and binary evaluation methods such as the Kappa Coefficient and the Jaccard Index were applied. The effectiveness of the proposed AI model is evaluated using the classification metrics Accuracy, Precision, Recall, and F1 Score. Testing the developed model with different sets of features showed that it achieves high-quality prediction of anomalous traffic when using five selected features. Based on the Kappa Coefficient and Jaccard Index results, effective classification thresholds were calculated, improving the quality of anomalous traffic prediction. The evaluation results show that the developed model, trained on the UNSW-NB15 dataset, can accurately detect traffic anomalies, thereby contributing to the information security of information resources.
Keywords: network traffic, artificial intelligence, neural networks, attack detection, dataset, UNSW-NB, Kappa Coefficient, Jaccard Index.
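
The threshold evaluation named in the abstract can be sketched as follows. This is an added example, not the authors' code: it assumes the model emits a per-flow anomaly score in [0, 1] and that the threshold is chosen by maximizing the Kappa Coefficient (the abstract does not state the selection rule). The function names and the sample data are hypothetical and constructed.

```python
# Added example: labels and scores below are constructed, not UNSW-NB15 data.
def confusion(labels, scores, threshold):
    """Count TP, FP, FN, TN; a flow is flagged when score >= threshold."""
    tp = fp = fn = tn = 0
    for y, s in zip(labels, scores):
        flagged = s >= threshold
        if flagged and y:
            tp += 1
        elif flagged:
            fp += 1
        elif y:
            fn += 1
        else:
            tn += 1
    return tp, fp, fn, tn

def metrics(tp, fp, fn, tn):
    """Accuracy, Precision, Recall, F1, Jaccard Index and Cohen's kappa."""
    n = tp + fp + fn + tn
    acc = (tp + tn) / n
    prec = tp / (tp + fp) if tp + fp else 0.0
    rec = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * prec * rec / (prec + rec) if prec + rec else 0.0
    jac = tp / (tp + fp + fn) if tp + fp + fn else 0.0
    # Kappa corrects observed agreement (acc) for chance agreement p_e.
    p_e = ((tp + fp) * (tp + fn) + (fn + tn) * (fp + tn)) / (n * n)
    kappa = (acc - p_e) / (1 - p_e) if p_e < 1 else 0.0
    return {"accuracy": acc, "precision": prec, "recall": rec,
            "f1": f1, "jaccard": jac, "kappa": kappa}

def best_threshold(labels, scores, criterion="kappa"):
    """Try every distinct score as a threshold; return (threshold, metrics)."""
    best = None
    for t in sorted(set(scores)):
        m = metrics(*confusion(labels, scores, t))
        if best is None or m[criterion] > best[1][criterion]:
            best = (t, m)
    return best

# Constructed sample: 1 = attack flow, 0 = normal flow, with model scores.
LABELS = [0, 0, 0, 0, 0, 0, 1, 1, 1, 1]
SCORES = [0.05, 0.10, 0.20, 0.30, 0.45, 0.62, 0.40, 0.70, 0.85, 0.95]

if __name__ == "__main__":
    print("default 0.5:", metrics(*confusion(LABELS, SCORES, 0.5)))
    print("best by kappa:", best_threshold(LABELS, SCORES))
```

On this constructed sample the swept threshold removes the one false positive that the default 0.5 cut-off lets through, which raises both kappa and the Jaccard Index.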