Anomaly Detection for Network Traffic
This project aims to develop a machine learning-based system for detecting anomalies in network traffic data within a Docker environment. By analyzing diverse metrics such as CPU usage, throughput, request latency, memory usage, and limit, the system can identify abnormal patterns and potential security breaches or network failures. The project utilizes the Isolation Forest Algorithm to isolate anomalies and provides network administrators and security teams with valuable analysis for early detection and mitigation of network anomalies.
This project aims to develop a system for detecting anomalies in docker’s network traffic data using machine learning techniques. Anomalies in network traffic in the docker environment can indicate potential security breaches, network failures, or abnormal behavior that requires investigation. By building an accurate anomaly detection model, this project seeks to enhance network monitoring and improve the overall security and performance of the docker’s network infrastructure.
The project leverages a dataset collected from a custom docker environment. The dataset encompasses different metrics such as cpu usage,throughput, request latency, memory usage, and limit. This diverse set of metrics provides valuable insights into network behavior and enables the detection of abnormal patterns.
The primary objective of this project is to develop a robust anomaly detection model that can effectively identify deviations from normal docker behavior. The model utilizes an Isolation Forest Algorithm to isolate the anomalies from the data. This project offers network administrators and security teams a valuable analysis for early detection and mitigation of potential network anomalies. By promptly identifying suspicious activities or performance irregularities, the system can aid in rapid response and reduce the impact of security incidents or network disruptions.
Flask, Docker, Prometheus, Grafana, scikit-learn, pandas, NumPy, matplotlib, sqlite