A lightweight Network Intrusion Detection System (NIDS) built with Python, Streamlit, Scapy, and Scikit-Learn. It captures live packets, extracts source/destination IPs and size, applies K-Means clustering, flags anomalies, and visualizes results through an interactive Streamlit dashboard.

sumit48/NIDS-Project

🛡️ Network Intrusion Detection System (NIDS)

Overview

This project implements a real-time Network Intrusion Detection System (NIDS) using Python. It captures network packets, clusters them by size, and detects anomalies to help identify suspicious network activity. The system provides interactive visualizations and raw packet data using Streamlit and Plotly.

Features

  • 🖥️ Real-time packet capturing with Scapy.
  • 📊 Packet clustering using K-Means.
  • 🚨 Simple anomaly detection based on packet size thresholds.
  • 📈 Interactive visualizations of clusters and anomalies with Plotly.
  • 🌐 Streamlit web interface for monitoring network traffic.

Installation

1. Clone the repository:

git clone git@github.com:sumit48/NIDS-Project.git
cd NIDS-Project

2. Install dependencies:

pip install -r requirements.txt

3. Run the Streamlit app:

streamlit run app.py

4. Access the app in your browser:

Local URL: http://localhost:8501
Network URL: http://192.168.0.119:8501

Usage

1. Run the Streamlit app:

streamlit run app.py

Once the app is running, open the URLs above in your browser to explore network traffic and alerts.

2. Select the number of packets to capture using the slider.

3. Click Start Monitoring to:

  • Capture packets.
  • Perform clustering.
  • Detect anomalies.
  • Display visualizations and raw packet data.

Code Structure

  • app.py → Main Streamlit application.
  • packet_sniffer.py → Captures network packets with Scapy.
  • clustering.py → Clusters packets and detects anomalies.
  • visualization.py → Generates Plotly charts for clusters and anomalies.
  • requirements.txt → Lists Python dependencies.

Output

  • Packet Clustering: Visualizes packet sizes grouped into clusters.
  • Anomaly Detection: Highlights unusually large packets that may indicate suspicious activity.
  • Raw Packet Data: Shows captured packets with source (src), destination (dst), and length (len) details. The source and destination are read from the IP header of each packet using Scapy.
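
The clustering and size-threshold steps listed above, as an added example that is not the repository's code: it uses a small standard-library 1-D K-Means in place of Scikit-Learn so it runs without dependencies. The sample packets, k=3, and the mean + 2σ threshold are assumptions, since the README does not state them.

```python
import statistics

# Constructed sample records in the src/dst/len shape the README describes.
PACKETS = [
    {"src": "10.0.0.5", "dst": "10.0.0.1", "len": n}
    for n in (60, 64, 66, 60, 74, 590, 610, 575, 1500, 1514, 1490, 60, 66)
] + [{"src": "10.0.0.9", "dst": "10.0.0.1", "len": 9000}]  # oversized outlier

def kmeans_1d(values, k=3, iterations=50):
    """Lloyd's algorithm on packet length only (stand-in for sklearn KMeans), k >= 2."""
    ordered = sorted(values)
    # Deterministic init: spread the k starting centroids over the sorted data.
    centroids = [float(ordered[i * (len(ordered) - 1) // (k - 1)]) for i in range(k)]
    labels = []
    for _ in range(iterations):
        labels = [min(range(k), key=lambda c: abs(v - centroids[c])) for v in values]
        updated = []
        for c in range(k):
            members = [v for v, lab in zip(values, labels) if lab == c]
            # An empty cluster keeps its previous centroid.
            updated.append(statistics.fmean(members) if members else centroids[c])
        if updated == centroids:  # converged
            break
        centroids = updated
    return labels, centroids

def size_threshold(values, z=2.0):
    """Assumed rule: lengths above mean + z * population std-dev are anomalies."""
    return statistics.fmean(values) + z * statistics.pstdev(values)

def analyze(packets, k=3, z=2.0):
    """Return per-packet rows with cluster and anomaly flag, centroids, threshold."""
    lengths = [p["len"] for p in packets]
    labels, centroids = kmeans_1d(lengths, k)
    limit = size_threshold(lengths, z)
    rows = [dict(p, cluster=lab, anomaly=p["len"] > limit)
            for p, lab in zip(packets, labels)]
    return rows, centroids, limit

if __name__ == "__main__":
    rows, centroids, limit = analyze(PACKETS)
    print("centroids:", [round(c, 1) for c in centroids], "threshold:", round(limit, 1))
    for r in rows:
        if r["anomaly"]:
            print("ANOMALY", r["src"], "->", r["dst"], r["len"], "bytes")
```

On this sample the 9000-byte packet is the only one above the threshold and also ends up alone in its own cluster, while full-size 1500-byte frames share a cluster with the mid-sized packets and are not flagged.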

Conclusion

This project demonstrates a simple yet effective NIDS workflow. By capturing and analyzing real-time network traffic, it identifies potential anomalies that could indicate network intrusions. The use of clustering and threshold-based anomaly detection provides insights into traffic patterns, while the interactive visualizations make monitoring intuitive. This system can be expanded with more sophisticated detection algorithms for production-level network security monitoring.
