AUTOMATED DETECTION OF ANOMALIES IN CORPORATE WIRELESS NETWORK TRAFFIC USING PYTHON: METHODS, IMPLEMENTATION, AND EFFECTIVENESS EVALUATION
DOI:
https://doi.org/10.28925/2663-4023.2025.29.939Keywords:
anomaly detection, wireless networks, machine learning, XGBoost, CNN-GRU, SHAP, IDS, Wi-Fi trafficAbstract
This article presents the results of a study focused on the development and comparative evaluation of models for automated anomaly detection in corporate wireless network traffic. The introduction substantiates the relevance of cybersecurity challenges in the context of increasing Wi-Fi traffic volumes and the growing complexity of attack types, which necessitate the use of intelligent intrusion detection systems. The theoretical foundations section reviews signature-based and behavioral analysis concepts, IDS/WIDS system principles, and modern approaches to anomaly detection using machine learning and deep learning. Special attention is given to explainable artificial intelligence (XAI) and its role in enhancing model transparency.
The data selection and preprocessing section describes the use of two representative datasets — AWID-3 and UNSW-NB15 — covering a wide range of attacks and normal traffic. Preprocessing steps included data cleaning, normalization, categorization, and class balancing using SMOTE and random undersampling. The implementation section outlines the architectures of SVM, Random Forest, XGBoost, and CNN-GRU models, using Scikit-learn, TensorFlow, Keras, and SHAP libraries. The CNN-GRU model combines convolutional and recurrent layers, enabling effective processing of temporal dependencies in traffic data.
The comprehensive model evaluation section compares performance across accuracy, latency, explainability, and stability metrics. CNN-GRU achieved the highest classification accuracy, while XGBoost demonstrated the best balance between precision and responsiveness. SHAP visualizations revealed that session duration, packet count, and protocol type are the most influential features. Stability analysis under noisy conditions, variable load, and limited training data confirmed the advantages of adaptive architectures.
The conclusions summarize the findings and outline future research directions: integration of models into real-world corporate systems, enhancement of explainability, deployment in 5G/6G and IoT environments, and automation of architecture design using meta-learning techniques.
Downloads
References
Nguyen, K. D., Fazio, P., & Voznak, M. (2024). A novel deep learning framework for intrusion detection systems in wireless networks. Future Internet, 16(8), 264. https://www.mdpi.com/1999-5903/16/8/264
Shalini, K., & Thatikonda, A. (2023). Autoencoder-based anomaly detection in wireless sensor networks. SSRG International Journal of Electronics and Communication Engineering, 11(8), 151–159. https://doi.org/10.14445/23488549/IJECE-V11I8P116
Prajapati, V. (2025). Python-based IDS for Wi-Fi networks using XGBoost and SHAP. GitHub Repository. https://github.com/VishalPrajapati3112/CodeAlpha_Network_Intrusion-Detection-System
Huang, H., Wang, P., Pei, J., Wang, J., Alexanian, S., & Niyato, D. (2025). Deep learning advancements in anomaly detection: A comprehensive survey. arXiv preprint. https://arxiv.org/pdf/2503.13195
Rhachi, H., Balboul, Y., & Bouayad, A. (2025). Enhanced anomaly detection in IoT networks using deep autoencoders with feature selection techniques. Sensors, 25(10), 3150. https://www.mdpi.com/1424-8220/25/10/3150
Edozie, E., Shuaibu, A. N., Sadiq, B. O., & John, U. K. (2025). Artificial intelligence advances in anomaly detection for telecom networks. Artificial Intelligence Review, 58, Article 100. https://link.springer.com/article/10.1007/s10462-025-11108-x
Kumar, A. (2024). Distributed anomaly detection in wireless sensor networks: A review. International Journal of Innovative Research in Multidisciplinary Physical Sciences, 12(2). https://www.ijirmps.org/papers/2024/2/230509.pdf
Prajapati, V. (2025). Python-based IDS for Wi-Fi networks using XGBoost and SHAP. GitHub Repository. https://github.com/VishalPrajapati3112/CodeAlpha_Network_Intrusion-Detection-System
Rhachi, H., Balboul, Y., & Bouayad, A. (2025). Enhanced anomaly detection in IoT networks using deep autoencoders with feature selection techniques. Sensors, 25(10), 3150. https://www.mdpi.com/1424-8220/25/10/3150
Ren, J., Tang, T., Jia, H., Xu, Z., Fayek, H., Li, X., Ma, S., Xu, X., & Xia, F. (2025). Foundation models for anomaly detection: Vision and challenges. arXiv preprint. https://arxiv.org/abs/2502.06911
Antwarg, L., Mindlin Miller, R., Shapira, B., & Rokach, L. (2020). Explaining anomalies detected by autoencoders using SHAP. Preprint submitted to Journal of Artificial Intelligence. https://arxiv.org/pdf/1903.02407
Imrana, Y., Xiang, Y., Ali, L., Noor, A., Sarpong, K., & Abdullah, M. A. (2024). CNN-GRU-FF: A double-layer feature fusion-based network intrusion detection system using convolutional neural network and gated recurrent units. Complex & Intelligent Systems, 10, 3353–3370. https://link.springer.com/article/10.1007/s40747-023-01313-y
Складанний , П., Костюк, Ю., Рзаєва, С., Самойленко, Ю., & Савченко, Т. (2025). Розробка модульних нейронних мереж для виявлення різних класів мережевих атак. Кібербезпека: освіта, наука, техніка, 3(27), 534–548. https://doi.org/10.28925/2663-4023.2025.27.772
Костюк, Ю., Бебешко, Б., Гулак, Г., Складанний, П., Рзаєва, С., & Хорольська, К. (2024). Забезпечення кібербезпеки та швидкодії передачі даних у безпровідних мережах. Безпека інформації, 30(3), 365–375. https://doi.org/10.18372/2225-5036.30.20357
Костюк, Ю., Бебешко, Б., Крючкова, Л., Литвинов, В., Оксанич, І., Складанний, П., & Хорольська, К. (2024). Захист інформації та безпека обміну даними в безпроводових мобільних мережах з автентифікацією і протоколами обміну ключами. Кібербезпека: освіта, наука, техніка, 1(25), 229–252. https://doi.org/10.28925/2663-4023.2024.25.229252
V. Sokolov, P. Skladannyi, A. Platonenko, Jump-Stay Jamming Attack on Wi-Fi Systems, in: IEEE 18th International Conference on Computer Science and Information Technologies (2023) 1–5. doi: 10.1109/CSIT61576.2023.10324031.
Kostiuk, Yu. V., Skladannyi, P. M., Bebeshko, B. T., Khorolska, K. V., Rzaieva, S. L., & Vorokhob, M. V. (2025). Information and communication systems security. [Textbook] Kyiv: Borys Grinchenko Kyiv Metropolitan University.
Kostiuk, Yu. V., Skladannyi, P. M., Hulak, H. M., Bebeshko, B. T., Khorolska, K. V., & Rzaieva, S. L. (2025). Information security systems. [Textbook] Kyiv: Borys Grinchenko Kyiv Metropolitan University.
Hulak, H. M., Zhyltsov, O. B., Kyrychok, R. V., Korshun, N. V., & Skladannyi, P. M. (2023). Enterprise information and cyber security. [Textbook] Kyiv: Borys Grinchenko Kyiv Metropolitan University.
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Ізабелла Соболенко , Артем Платоненко
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
