Investigating the Effectiveness of Supervised and Deep Learning Models: An Assessment for Binary Intrusion Detection in Structured Network Traffic


Abdullah Albalawi

Abstract

Introduction: The growing complexity and frequency of cyber threats necessitate more adaptive and accurate intrusion detection systems (IDS). Traditional rule-based systems often fail to detect emerging cyberattack patterns, underscoring the importance of data-driven approaches. Machine-learning methods, particularly deep learning and supervised learning, offer promising capabilities for detecting anomalies in complex network environments. This study addresses the rising need for robust IDS models capable of distinguishing between benign and malicious traffic with high precision.


Objectives: The primary objective of this research is to perform a comparative assessment of four supervised learning models, including Multi-Layer Perceptron, Bagging Tree Ensemble, CatBoost, and One-Dimensional Convolutional Neural Network, for binary intrusion detection. The study aims to examine their performance in terms of accuracy, precision, recall, and F1-score, thereby identifying the most effective classifier for structured network traffic data.


Methods: A labeled network traffic dataset encompassing 4,000 records and 25 attributes was used. The dataset included both categorical and continuous variables. There was a class imbalance, with most of the instances being benign network traffic. Preprocessing was done by applying one-hot encoding to categorical features and z-score normalization to numerical features. All models were trained based on an 80:20 stratified train-test split and evaluated by traditional performance measures.


Results: CatBoost exhibited the highest overall performance among the models, attaining an accuracy of 0.89, a precision of 0.99, and an F1-score of 0.86. The Bagging Tree model attained perfect precision (1.00). The 1D CNN model demonstrated competitive recall and F1-score. The MLP had poor recall due to the increased number of false negatives. The results show the efficiency of ensemble and deep learning approaches for binary intrusion classification, while also revealing the inherent precision-recall trade-offs among different models.


Conclusions: The study underscores the effectiveness of CatBoost and other ensemble-based approaches for intrusion detection in structured network traffic datasets. It also emphasizes the importance of selecting models based on organizational risk tolerance. The research provides a practical performance benchmark to guide future IDS model selection and optimization in cybersecurity applications.
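
The preprocessing and evaluation steps named in the Methods and Results, as an added standard-library Python example that is not the study's code: a stratified 80:20 split, z-score and one-hot encoding, and the four reported metrics. The column names, sample rows and predictions are constructed, and fitting the statistics on the training split only is an assumption here, since the abstract does not say how it was done.

```python
import random
from statistics import mean, pstdev

# Constructed sample: 80 benign (0) and 20 malicious (1) flows; column names are hypothetical.
ROWS = [{"bytes": 500 + 7 * i, "proto": "tcp" if i % 3 else "udp", "label": 0} for i in range(80)]
ROWS += [{"bytes": 9000 + 11 * i, "proto": "icmp" if i % 2 else "tcp", "label": 1} for i in range(20)]

def stratified_split(rows, test_frac=0.2, seed=0):
    """Split each class separately so train and test keep the same class ratio."""
    rng, train, test = random.Random(seed), [], []
    for label in sorted({r["label"] for r in rows}):
        group = [r for r in rows if r["label"] == label]
        rng.shuffle(group)
        cut = round(len(group) * test_frac)
        test += group[:cut]
        train += group[cut:]
    return train, test

def fit_preprocessor(train, numeric, categorical):
    """Learn z-score statistics and one-hot vocabularies from the training split only."""
    stats = {c: (mean(r[c] for r in train), pstdev([r[c] for r in train]) or 1.0) for c in numeric}
    vocab = {c: sorted({r[c] for r in train}) for c in categorical}
    def transform(row):
        vec = [(row[c] - stats[c][0]) / stats[c][1] for c in numeric]
        for c in categorical:  # a category unseen in training encodes as all zeros
            vec += [1.0 if row[c] == v else 0.0 for v in vocab[c]]
        return vec
    return transform

def binary_metrics(y_true, y_pred):
    """Accuracy, precision, recall and F1 with malicious (1) as the positive class."""
    pairs = list(zip(y_true, y_pred))
    tp = sum(t == 1 and p == 1 for t, p in pairs)
    fp = sum(t == 0 and p == 1 for t, p in pairs)
    fn = sum(t == 1 and p == 0 for t, p in pairs)
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    accuracy = sum(t == p for t, p in pairs) / len(pairs)
    return {"accuracy": accuracy, "precision": precision, "recall": recall, "f1": f1}

if __name__ == "__main__":
    train, test = stratified_split(ROWS)
    print(len(train), len(test), fit_preprocessor(train, ["bytes"], ["proto"])(test[0]))
    y_true = sorted((r["label"] for r in test), reverse=True)  # 4 malicious, then 16 benign
    y_pred = [1, 1] + [0] * 18  # constructed: a cautious detector that flags half the attacks
    print(binary_metrics(y_true, y_pred))
```

With the constructed predictions the detector raises no false alarms, so precision is 1.00, yet it misses half of the malicious flows, which is the precision-recall trade-off the Results describe.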
