AI-BASED INTRUSION DETECTION SYSTEM TO PREVENT

DATA BREACHES

Project Proposal

Submitted by:
NANDUDU SARAH
REG NO. 23/U/ITE/10513/PE

SCHOOL OF COMPUTING
BACHELOR OF INFORMATION TECHNOLOGY AND COMPUTING
KYAMBOGO UNIVERSITY

Date: 30TH APIRL 2025

Declaration
I Nandudu Sarah hereby declare that this project proposal entitled 'AI-Based Intrusion Detection System
to Prevent Data Breaches' is my own work and has not been submitted elsewhere and is true to the best
of my knowledge.

Student Name: ______________________________

Date: ______________________________
Approval
This project proposal entitled 'AI-Based Intrusion Detection System to Prevent Data Breaches' has been
submitted for review to Dr. Aguti Beatrice, a lecturer at Kyambogo University.

Signature: ____________________________
Date: ____________________________
Acknowledgment
I would like to express my sincere gratitude to my lecturers, and peers for their invaluable guidance and
support throughout this research journey. Special thanks to my family and friends for their constant
encouragement.
Table of Contents
Declaration..................................................................................................................................................2
Approval......................................................................................................................................................3
Acknowledgment.........................................................................................................................................4
Chapter One: Introduction..........................................................................................................................6
1.1 Background of the Study...................................................................................................................6
1.2 Problem Statement............................................................................................................................6
1.3 Purpose of the Study.........................................................................................................................6
1.4 Research Objectives...........................................................................................................................6
1.5 Research Scope..................................................................................................................................6
1.6 Significance of the Study....................................................................................................................7
Chapter Two: Literature Review..................................................................................................................8
2.1 Intrusion Detection Systems (IDS).....................................................................................................8
2.2 Data Breaches and Threat Landscape................................................................................................8
2.3 AI and Machine Learning in Cybersecurity.........................................................................................8
2.4 Recent Research and Applications.....................................................................................................8
2.5 Research Gaps...................................................................................................................................8
Chapter Three: Methodology......................................................................................................................9
3.1 Research Design.................................................................................................................................9
3.2 Data Collection..................................................................................................................................9
3.3 Model Development..........................................................................................................................9
3.4 Development Tools and Technologies...............................................................................................9
3.5 System Testing and Evaluation..........................................................................................................9
3.6 Ethical Considerations.......................................................................................................................9
Case Study: AI-Driven Intrusion Detection at XYZ Corp.............................................................................10
References.................................................................................................................................................11
Appendix...................................................................................................................................................12
Chapter One: Introduction
1.1 Background of the Study
In an era where data is the new currency, the frequency and severity of data breaches have reached
alarming levels. Organizations across sectors—ranging from finance to healthcare—are experiencing
increasingly sophisticated attacks that bypass traditional security defenses. Intrusion Detection Systems
(IDSs) have long served as a vital line of defense against cyber intrusions. However, most conventional
IDSs rely on static rules and signature-based detection, which makes them ineffective against zero-day
threats and adaptive cyberattacks. Artificial Intelligence (AI), specifically Machine Learning (ML),
presents a promising solution to these limitations. This study proposes the development of an AI-based
IDS capable of intelligently detecting anomalous behavior in real-time to prevent data breaches.

1.2 Problem Statement

Traditional IDS models often struggle with accuracy and adaptability. They frequently generate false
positives and fail to identify complex or novel attack patterns. Furthermore, the increasing scale and
diversity of cyber threats demand more dynamic solutions. The core issue is the lack of intelligent,
adaptive, and real-time threat detection systems. This project aims to solve this by developing an AI-
powered IDS that can learn from past data and adapt to new intrusion techniques, thereby effectively
preventing data breaches.

1.3 Purpose of the Study

The primary purpose of this study is to design and implement an AI-based Intrusion Detection System
that leverages machine learning algorithms to detect and respond to potential data breaches. The
system will be evaluated based on its ability to detect threats accurately and in real-time, with minimal
false positives.

1.4 Research Objectives

- To explore the limitations of traditional intrusion detection systems.
- To design and train machine learning models for identifying malicious network behavior.
- To implement and test an AI-based IDS prototype.
- To evaluate the system’s performance in terms of accuracy, precision, recall, and false positive rate.

1.5 Research Scope

The study will focus on network-based intrusion detection and will use publicly available datasets such
as CICIDS2017. Machine learning models will be developed and tested in a controlled environment using
simulation tools. The scope will exclude physical security and endpoint protection mechanisms.
1.6 Significance of the Study
This project contributes to the growing field of intelligent cybersecurity solutions. By applying AI to
intrusion detection, the proposed system has the potential to significantly reduce the risk of data
breaches. The study will also serve as a resource for future researchers and developers aiming to
enhance cybersecurity frameworks with machine learning technologies.
Chapter Two: Literature Review
This chapter reviews the existing literature on intrusion detection systems, the evolution of data
breaches, and the application of artificial intelligence in cybersecurity. It provides context to the
proposed study and identifies gaps in current research that this project aims to address.

2.1 Intrusion Detection Systems (IDS)

Intrusion Detection Systems (IDS) are designed to detect unauthorized access or abnormal activity
within a network. They are broadly categorized into signature-based and anomaly-based systems.
Signature-based systems compare observed activities against known threat patterns, while anomaly-
based systems identify deviations from established behavior profiles. Despite their utility, these systems
often lack adaptability and fail to detect novel threats.

2.2 Data Breaches and Threat Landscape

Data breaches have grown in frequency and complexity, with attackers employing sophisticated
techniques to exploit vulnerabilities. According to multiple cybersecurity reports, human error, social
engineering, and system misconfigurations are among the leading causes. The financial and reputational
impacts of breaches have pushed organizations to seek more advanced protective technologies.

2.3 AI and Machine Learning in Cybersecurity

AI has emerged as a transformative force in cybersecurity, particularly through machine learning.
Supervised learning methods such as Decision Trees, Random Forest, and Support Vector Machines
(SVM) have shown promise in detecting known threats. Meanwhile, unsupervised methods like
clustering and anomaly detection help uncover previously unseen attack vectors. Deep learning
techniques, including auto encoders and neural networks, are gaining popularity for their ability to
process vast amounts of data and learn complex patterns.

2.4 Recent Research and Applications

Studies have explored AI-based IDS implementations using various datasets such as NSL-KDD, KDD99,
and CICIDS2017. Results indicate significant improvements in accuracy and threat identification, though
issues with scalability and false positives remain. Hybrid systems combining multiple ML models are also
being investigated for enhanced reliability.

2.5 Research Gaps

Despite advancements, most AI-IDS systems are limited by static models, lack real-time capability, or are
poorly integrated into existing network environments. This study seeks to bridge these gaps by
developing a dynamic, real-time IDS with high accuracy and low false-positive rates using current AI
methodologies.
Chapter Three: Methodology
This chapter outlines the research methodology for designing, developing, and testing the AI-based IDS
prototype. It includes research design, data sources, development tools, model training, and evaluation
techniques.

3.1 Research Design

The research follows an applied design, focusing on building a functional prototype using AI techniques.
The methodology is iterative, involving design, development, and testing phases.

3.2 Data Collection

Public datasets such as CICIDS2017 and NSL-KDD will be used. These datasets contain labeled network
traffic data including both normal behavior and a variety of attack types. Additional simulated traffic
may be generated to test real-time detection.

3.3 Model Development

The system will implement both supervised and unsupervised machine learning models. Supervised
models (e.g., Random Forest, SVM) will classify known attacks, while unsupervised models (e.g.,
Isolation Forest, Auto encoders) will detect anomalies. The models will be trained using a portion of the
dataset and validated with unseen data.

3.4 Development Tools and Technologies

Development will be conducted in Python using libraries such as Scikit-learn, TensorFlow, and Pandas.
Network traffic analysis tools like Wireshark and packet generators will be used. Flask or Django may be
employed for building a web-based interface.

3.5 System Testing and Evaluation

System performance will be evaluated using accuracy, precision, recall, F1-score, and false positive rate.
Stress testing with varying traffic loads will assess scalability. The model’s ability to detect both known
and unknown threats in real-time will be emphasized.

3.6 Ethical Considerations

All data used will be publicly available and anonymized. No personal or sensitive data will be collected or
processed in this study.
Case Study: AI-Driven Intrusion Detection at XYZ Corp
XYZ Corp, a mid-sized fintech company, faced a data breach due to an undetected Advanced Persistent
Threat (APT). After adopting an AI-based IDS, the company reduced breach incidents by 75% within six
months, showcasing the potential of AI in real-world cybersecurity environments.
References
- Patcha, A., & Park, J. M. (2007). An Overview of Anomaly Detection Techniques. Computer Networks.
- Tavallaee, M., Bagheri, E., Lu, W., & Ghorbani, A. A. (2009). A Detailed Analysis of the KDD Cup 99 Data
Set.
- CICIDS2017 Dataset. Canadian Institute for Cybersecurity.
- Bhattacharya, S., & Jha, R. (2021). Artificial Intelligence in Cybersecurity. Journal of Computer Security.
Appendix
Appendix A: Sample Network Traffic Data
Appendix B: Model Training Logs
Appendix C: Evaluation Metrics and Graphs
Appendix D: System Architecture Diagrams