🛡️

Network Intrusion Detection System

Powered by a deep-learning LSTM model trained on real network traffic data

📡
What this tool does

Analyses 8 statistical features extracted from a network flow and classifies it as Normal traffic or an Anomaly (potential intrusion).

🤖
How the model works

Your input is fed into a trained LSTM neural network. The model outputs a probability score — values above 0.5 are flagged as anomalies.

⚠️
When to use it

Paste feature values captured from a network monitoring tool (e.g. CICFlowMeter) to quickly check whether a flow looks suspicious.

Enter Network Flow Features

Fill in all 8 fields below with values from your network capture, then click Analyse Traffic.

Total duration of the network flow in microseconds — from the first to the last packet.

Number of packets sent in the forward direction (from client to server).

Number of packets sent in the backward direction (from server back to client).

Average size of all packets in this flow, measured in bytes.

Standard deviation of packet sizes — high values indicate irregular packet sizes, a common attack indicator.

Average time between consecutive packets in the flow. Very low values can suggest flood attacks.

Mean idle time — periods when no packets were sent. Helps distinguish bursty from continuous traffic.

Standard deviation of idle times. High variance can indicate evasion techniques used by attackers.