
from sklearn.ensemble import IsolationForest
from sklearn.preprocessing import StandardScaler
import numpy as np

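def preprocess_network_data(raw_data):
    """Turn raw traffic records into a numeric feature matrix.

    Args:
        raw_data: Iterable of mappings, each with the keys 'source_ip',
            'destination_ip', 'data' and 'timestamp'. Addresses are
            dotted-quad IPv4 strings; timestamps are ISO 8601 strings
            such as "2024-12-02T23:39:00".

    Returns:
        An int64 array of shape (n_records, 4) whose columns are
        [source_ip, destination_ip, data_length, timestamp]. An empty
        input yields an array of shape (0, 4).

    Raises:
        KeyError: If a record lacks one of the expected keys.
        ValueError: If an address is not valid IPv4 or a timestamp is not
            ISO 8601.
    """
    import ipaddress
    from datetime import datetime, timezone

    def _ipv4_to_int(text):
        # Stripping the dots and calling int() is not injective:
        # "192.168.1.12" and "192.168.11.2" both collapse to 192168112, so
        # two different hosts would share one feature value. The 32-bit
        # value of the address is unique per host and rejects malformed
        # input instead of silently encoding it.
        return int(ipaddress.IPv4Address(text))

    def _epoch_seconds(text):
        # Concatenating the digits of the timestamp makes one second across
        # a minute boundary (23:39:59 -> 23:40:00) look like a jump of 41.
        # Epoch seconds keep the feature linear in elapsed time.
        moment = datetime.fromisoformat(text)
        if moment.tzinfo is None:
            # Naive timestamps are read as UTC so the result does not
            # depend on the timezone of the machine running the analysis.
            moment = moment.replace(tzinfo=timezone.utc)
        return int(moment.timestamp())

    rows = [
        [
            _ipv4_to_int(record['source_ip']),
            _ipv4_to_int(record['destination_ip']),
            len(record['data']),
            _epoch_seconds(record['timestamp']),
        ]
        for record in raw_data
    ]
    # reshape keeps the (n, 4) contract even when there are no records.
    return np.array(rows, dtype=np.int64).reshape(-1, 4)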

def get_network_traffic_data():
    """Return a small hard-coded sample of traffic records.

    This stands in for a live capture source: every call returns the same
    two records, each a dict with 'timestamp', 'source_ip',
    'destination_ip' and 'data' keys.
    """
    field_names = ("timestamp", "source_ip", "destination_ip", "data")
    sample_rows = (
        ("2024-12-02T23:39:00", "192.168.1.1", "192.168.1.2", "example_packet_data_1"),
        ("2024-12-02T23:39:05", "192.168.1.3", "192.168.1.4", "example_packet_data_2"),
        # Further simulated records would be appended here.
    )
    return [dict(zip(field_names, row)) for row in sample_rows]

# Anomaly-detection demo: fetch records, build features, scale, fit, score.
raw_network_data = get_network_traffic_data()
network_data = preprocess_network_data(raw_network_data)

# Put every feature on zero mean / unit variance so that no single column
# dominates purely because of its numeric range.
scaler = StandardScaler()
scaler.fit(network_data)
network_data_scaled = scaler.transform(network_data)

# NOTE(review): the forest is fitted and scored on the same batch, so there
# is no separate baseline of known-good traffic here. contamination=0.1
# fixes the decision threshold so that roughly 10% of the fitted samples
# are labelled anomalous however benign the batch is; treat the output as
# a ranking to triage, not as confirmed detections.
model = IsolationForest(
    n_estimators=100,
    max_samples='auto',
    contamination=0.1,
    random_state=42,
)
model.fit(network_data_scaled)

# predict() labels outliers as -1 and inliers as 1; keep the outlier rows.
anomalies = model.predict(network_data_scaled)
anomalies_indices = np.flatnonzero(anomalies == -1).tolist()

print("Detected Anomalies at Indices:", anomalies_indices)