Evaluating Supervised Machine Learning Algorithms for Cybersecurity Threat Detection Using the CICIDS 2023 Dataset

Abstract

With the increasing volume and sophistication of network threats in IoT environments, real-time intrusion detection has become essential for securing cyber-physical systems. This study investigates the use of supervised machine learning algorithms to detect network intrusions using the CICIDS 2023 dataset. Five classification models—Logistic Regression, Support Vector Machine, Random Forest, XGBoost, and k-Nearest Neighbors—were evaluated for their effectiveness in both binary and multi-class classification tasks. The study incorporates feature selection, dimensionality reduction, and a deployment-oriented performance metric called Real-Time Suitability Score (RTSS) to assess the trade-off between accuracy, inference speed, and model size. The experimental results highlight the potential of lightweight models for deployment in constrained environments and demonstrate the impact of feature importance and classification performance on real-time detection. The findings contribute to the design of efficient and explainable AI-based intrusion detection systems, and recommendations for future work include improving model interpretability and expanding evaluation to more diverse threat categories.