Update app.py

app.py

@@ -3,7 +3,7 @@ import pandas as pd
 import pickle
 import joblib
 
-# ------------------- Load Artifacts -------------------
+# Load model artifacts
 @st.cache_resource
 def load_model_artifacts():
     with open('features_to_drop.pkl', 'rb') as f:
@@ -13,75 +13,70 @@ def load_model_artifacts():
     model = joblib.load('xgb_model.pkl')
     return features_to_drop, category_encodings, model
 
-# ------------------- Preprocess Function -------------------
+# Preprocessing function
 def preprocess_input(df, features_to_drop, category_encodings):
     df = df.copy()
-
-    # Ensure numeric conversion
-    for col in ["Stime", "Ltime", "sbytes", "dbytes", "Spkts", "Dpkts"]:
-        df[col] = pd.to_numeric(df[col], errors='coerce')
-
-    # Create engineered features
-    df["duration"] = df["Ltime"] - df["Stime"]
-    df["byte_ratio"] = df["sbytes"] / (df["dbytes"] + 1)
-    df["pkt_ratio"] = df["Spkts"] / (df["Dpkts"] + 1)
-
-    # Drop features removed during training
-    drop_cols = list(features_to_drop.intersection(set(df.columns)))
+    drop_cols = list(features_to_drop.intersection(df.columns))
     df.drop(columns=drop_cols, inplace=True, errors='ignore')
-
-    # Encode categoricals
     for col, cats in category_encodings.items():
         if col in df.columns:
             df[col] = df[col].astype(str)
             df[col] = pd.Categorical(df[col], categories=cats)
             df[col] = df[col].cat.codes
-
     df = df.fillna(0)
     return df
 
-# ------------------- Streamlit UI -------------------
-st.set_page_config("Intrusion Detection - Manual Test", layout="wide")
-st.title("Intrusion Detection System (IDS) - Manual Row Test")
+# UI layout
+st.set_page_config("IDS - Selected Features Input", layout="wide")
+st.title("Intrusion Detection System (IDS) - Manual Test Input")
 
-st.markdown("Enter a single row of network traffic data below for intrusion detection:")
+st.markdown("Enter selected features for a single row of network flow data:")
 
-with st.form("manual_input_form"):
+with st.form("selected_input_form"):
     col1, col2 = st.columns(2)
     with col1:
-        Stime = st.number_input("Stime (Start Time)", min_value=0.0, step=1.0)
-        sbytes = st.number_input("sbytes (Source Bytes)", min_value=0, step=1)
-        Spkts = st.number_input("Spkts (Source Packets)", min_value=0, step=1)
-        proto = st.selectbox("Protocol (proto)", ["tcp", "udp", "icmp", "-"])
-        service = st.text_input("Service (e.g., http, dns, -)", value="-")
+        dur = st.number_input("Duration of Flow (`dur`)", min_value=0.0, step=0.001)
+        proto = st.selectbox("Protocol (`proto`)", ["tcp", "udp", "icmp", "-"])
+        service = st.text_input("Service (`service`)", value="-")
+        state = st.selectbox("State (`state`)", ["CON", "INT", "FIN", "REQ", "-"])
+        sbytes = st.number_input("Source Bytes (`sbytes`)", min_value=0)
+        spkts = st.number_input("Source Packets (`spkts`)", min_value=0)
+        sttl = st.number_input("Source TTL (`sttl`)", min_value=0)
+        sload = st.number_input("Source Load (`sload`)", min_value=0.0)
+
     with col2:
-        Ltime = st.number_input("Ltime (End Time)", min_value=0.0, step=1.0)
-        dbytes = st.number_input("dbytes (Destination Bytes)", min_value=0, step=1)
-        Dpkts = st.number_input("Dpkts (Destination Packets)", min_value=0, step=1)
-        state = st.selectbox("State", ["CON", "INT", "FIN", "RST", "REQ", "-"])
-        attack_cat = st.text_input("Optional: Known Attack Category", value="")
+        dbytes = st.number_input("Destination Bytes (`dbytes`)", min_value=0)
+        dpkts = st.number_input("Destination Packets (`dpkts`)", min_value=0)
+        sloss = st.number_input("Source Packet Loss (`sloss`)", min_value=0)
+        swin = st.number_input("Source TCP Window Size (`swin`)", min_value=0)
+        trans_depth = st.number_input("Transaction Depth (`trans_depth`)", min_value=0)
+        ct_flw_http_mthd = st.text_input("HTTP Method (`ct_flw_http_mthd`)", value="-")
+        is_ftp_login = st.selectbox("Is FTP Login (`is_ftp_login`)", [0, 1])
+        attack_cat = st.text_input("(Optional) Ground Truth Label (`attack_cat`)", value="")
 
     submitted = st.form_submit_button("Run IDS Prediction")
 
-# ------------------- Prediction Logic -------------------
 if submitted:
     user_input = pd.DataFrame([{
-        "Stime": Stime,
-        "Ltime": Ltime,
-        "sbytes": sbytes,
-        "dbytes": dbytes,
-        "Spkts": Spkts,
-        "Dpkts": Dpkts,
+        "dur": dur,
         "proto": proto,
         "service": service,
         "state": state,
-        "attack_cat": attack_cat  # optional
+        "sbytes": sbytes,
+        "dbytes": dbytes,
+        "spkts": spkts,
+        "dpkts": dpkts,
+        "sttl": sttl,
+        "sload": sload,
+        "sloss": sloss,
+        "swin": swin,
+        "trans_depth": trans_depth,
+        "ct_flw_http_mthd": ct_flw_http_mthd,
+        "is_ftp_login": is_ftp_login,
+        "attack_cat": attack_cat
     }])
 
-    # Load model artifacts
     features_to_drop, category_encodings, model = load_model_artifacts()
-
-    # Preprocess input
     processed_input = preprocess_input(user_input, features_to_drop, category_encodings)
 
     if processed_input is not None:
@@ -89,7 +84,7 @@ if submitted:
         st.success(f"Prediction: {prediction}")
         st.markdown("""
         - **13** → Normal Traffic  
-        - **Other values** → Intrusion Category (refer to model documentation)
+        - **Other values** → Intrusion Category  
         """)
     else:
-        st.error("Preprocessing failed. Please check your input fields.")
+        st.error("Preprocessing failed. Please check your input.")