In [4]:
import pandas as pd 
from sklearn.preprocessing import LabelEncoder, OneHotEncoder, StandardScaler
from sklearn.linear_model import LogisticRegression
from sklearn.model_selection import train_test_split
from sklearn.metrics import classification_report, confusion_matrix
from sklearn.pipeline import Pipeline
from sklearn.compose import ColumnTransformer
from sklearn.impute import SimpleImputer
df = pd.read_csv("cybersecurity_attacks.csv")
df.info()

<class 'pandas.core.frame.DataFrame'>
RangeIndex: 40000 entries, 0 to 39999
Data columns (total 25 columns):
 #   Column                  Non-Null Count  Dtype  
---  ------                  --------------  -----  
 0   Timestamp               40000 non-null  object 
 1   Source IP Address       40000 non-null  object 
 2   Destination IP Address  40000 non-null  object 
 3   Source Port             40000 non-null  int64  
 4   Destination Port        40000 non-null  int64  
 5   Protocol                40000 non-null  object 
 6   Packet Length           40000 non-null  int64  
 7   Packet Type             40000 non-null  object 
 8   Traffic Type            40000 non-null  object 
 9   Payload Data            40000 non-null  object 
 10  Malware Indicators      20000 non-null  object 
 11  Anomaly Scores          40000 non-null  float64
 13  Attack Type             40000 non-null  object 
 14  Attack Signature        40000 non-null  object 
 15  Action Taken            40000 non-null

In [5]:
# Step 1: Create binary target: High/Medium = 1, Low = 0
df['Severity Binary'] = df['Severity Level'].apply(lambda x: 1 if x in ['High', 'Medium'] else 0)

# Step 2: Drop high-cardinality or text-heavy columns
drop_cols = ['Timestamp', 'Source IP Address', 'Destination IP Address', 'Payload Data',
             'User Information', 'Device Information', 'Geo-location Data', 'Proxy Information',
             'Firewall Logs', 'IDS/IPS Alerts', 'Malware Indicators', 'Alerts/Warnings', 'Attack Signature']
df_model = df.drop(columns=drop_cols)

In [6]:
# Step 3: Define features and target
target = 'Severity Binary'
X = df_model.drop(columns=['Severity Level', target])
y = df_model[target]


In [8]:
# Identify column types
numeric_features = X.select_dtypes(include=['int64', 'float64']).columns.tolist()
categorical_features = X.select_dtypes(include=['object']).columns.tolist()


In [9]:
# Step 4: Preprocessing pipeline
numeric_transformer = Pipeline(steps=[
    ('imputer', SimpleImputer(strategy='mean')),
    ('scaler', StandardScaler())
])
categorical_transformer = Pipeline(steps=[
    ('imputer', SimpleImputer(strategy='most_frequent')),
    ('onehot', OneHotEncoder(handle_unknown='ignore'))
])
preprocessor = ColumnTransformer(
    transformers=[
        ('num', numeric_transformer, numeric_features),
        ('cat', categorical_transformer, categorical_features)
    ])

# Step 5: Create full pipeline with Logistic Regression
clf = Pipeline(steps=[
    ('preprocessor', preprocessor),
    ('classifier', LogisticRegression(max_iter=1000))
])

In [10]:
# Train/test split
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2, stratify=y, random_state=42)

# Fit model
clf.fit(X_train, y_train)

# Predict and evaluate
y_pred = clf.predict(X_test)
report = classification_report(y_test, y_pred, output_dict=True)
conf_matrix = confusion_matrix(y_test, y_pred)

(report, conf_matrix)

  _warn_prf(average, modifier, f"{metric.capitalize()} is", len(result))
  _warn_prf(average, modifier, f"{metric.capitalize()} is", len(result))
  _warn_prf(average, modifier, f"{metric.capitalize()} is", len(result))


({'0': {'precision': 0.0, 'recall': 0.0, 'f1-score': 0.0, 'support': 2637.0},
  '1': {'precision': 0.670375,
   'recall': 1.0,
   'f1-score': 0.8026640724388237,
   'support': 5363.0},
  'accuracy': 0.670375,
  'macro avg': {'precision': 0.3351875,
   'recall': 0.5,
   'f1-score': 0.4013320362194118,
   'support': 8000.0},
  'weighted avg': {'precision': 0.44940264062500007,
   'recall': 0.670375,
   'f1-score': 0.5380859275611763,
   'support': 8000.0}},
 array([[   0, 2637],
        [   0, 5363]]))