Spaces:

yomnafarag95
/

Log_Classifier

Configuration error

App Files Files Community

yomnafarag95 commited on 8 days ago

Commit

7877434

verified ·

1 Parent(s): 7377758

Upload README.md

Browse files

Files changed (1) hide show

README.md +129 -9

README.md CHANGED Viewed

@@ -1,11 +1,131 @@
 ---
-title: Log Classifier
-emoji: 🚀
-colorFrom: red
-colorTo: red
-sdk: docker
-app_port: 7860
-tags:
-- streamlit
-pinned: false
 ---

+# Firewall Log Classifier
+A machine learning system for automated classification of firewall log entries into four action categories: allow, deny, drop, and reset-both. Built as part of CSAI 801 — Artificial Intelligence and Machine Learning.
+**Live Application:** https://huggingface.co/spaces/yomnafarag95/Log_Classifier
 ---
+## Overview
+Enterprise firewalls generate thousands of log entries per hour, making manual review impractical. This project trains a tuned Random Forest classifier on real network traffic data to automate that review process, achieving 99.56% test accuracy across four action classes.
 ---
+## Model Performance
+| Model                   | Test Accuracy | Macro F1 |
+|-------------------------|--------------|----------|
+| Random Forest (baseline)| 98.32%       | 0.981    |
+| Logistic Regression     | 99.75%       | 0.997    |
+| KNN                     | 99.23%       | 0.990    |
+| Random Forest (tuned)   | **99.56%**   | **0.803**|
+Tuned hyperparameters: `n_estimators=200`, `max_depth=20`, `min_samples_split=2`
+---
+## Dataset
+- **Source:** UCI Machine Learning Repository — Internet Firewall Data
+- **URL:** https://archive.ics.uci.edu/dataset/542/internet+firewall+data
+- **Raw records:** 65,532
+- **After deduplication:** 57,170
+- **Class distribution:** allow (37,439) · drop (11,635) · deny (8,042) · reset-both (54)
+**Input features (11):**
+| # | Feature              |
+|---|----------------------|
+| 1 | Source Port          |
+| 2 | Destination Port     |
+| 3 | NAT Source Port      |
+| 4 | NAT Destination Port |
+| 5 | Bytes                |
+| 6 | Bytes Sent           |
+| 7 | Bytes Received       |
+| 8 | Packets              |
+| 9 | Elapsed Time (sec)   |
+|10 | pkts_sent            |
+|11 | pkts_received        |
+---
+## Preprocessing Pipeline
+1. Duplicate removal (65,532 → 57,170 records)
+2. Stratified 70/30 train/test split
+3. SMOTE oversampling on training set to balance minority classes
+4. StandardScaler normalization
+---
+## Try the Application
+Paste any of the following lines into the application input and click Classify.
+Each line contains 11 comma-separated values matching the feature order above.
+**Allow**
+```
+51465,443,39975,443,3961,1595,2366,21,16,12,9
+```
+**Deny**
+```
+34086,25174,0,0,62,62,0,1,0,1,0
+```
+**Drop**
+```
+51125,445,0,0,66,66,0,1,0,1,0
+```
+**Reset-Both**
+```
+64461,31652,0,0,62,62,0,1,0,1,0
+```
+---
+## Run Locally
+```bash
+git clone https://github.com/yomnafarag95/Log_Classifier.git
+cd Log_Classifier
+pip install -r requirements.txt
+streamlit run app.py
+```
+---
+## Retrain the Model
+```bash
+pip install scikit-learn imbalanced-learn pandas joblib
+python retrain.py
+```
+Outputs: `model.joblib`, `scaler.joblib`, `label_encoder.joblib`
+---
+## Repository Structure
+```
+Log_Classifier/
+├── app.py                    Streamlit web application
+├── retrain.py                Model retraining script
+├── model.joblib              Trained Random Forest model
+├── scaler.joblib             Fitted StandardScaler
+├── label_encoder.joblib      Label encoder for action classes
+├── requirements.txt          Python dependencies
+└── The_Report.pdf            Full project report
+```
+---
+## Authors
+Yasmeen Algendy, Yomna Algendy, Zahraa Mohamed
+Supervisor: Dr. Marwa Elsayed
+CSAI 801 — Artificial Intelligence and Machine Learning