ARCHIVES

The proliferation of sophisticated cyber-attacks against networked systems demands robust, real-time intrusion detection capabilities that transcend the limitations of purely rule-based approaches. This paper presents CloudShield IDS, a hybrid intrusion detection system that integrates machine learning-based classification with deterministic rule-based heuristics, cloud-based persistent storage via Supabase (PostgreSQL), and an interactive real-time Streamlit dashboard. The system employs an XGBoost classifier trained on network traffic features to distinguish normal activity from malicious patterns including port scans, distributed denial-of-service (DDoS) attacks, brute-force login attempts, and SQL injection exploits. The proposed pipeline captures raw network events through a dedicated listener module, classifies them through a dual-layer processor, and persists structured alerts to a cloud database from which the dashboard retrieves and visualises threat intelligence. Experimental evaluation demonstrates an overall detection rate of 97.8%, a precision of 97.2%, and a false positive rate of approximately 2.8%, outperforming conventional rule-based systems such as Snort and Suricata across multiple attack categories. The architecture is modular, extensible, and deployable both locally and on cloud infrastructure, making it suitable for enterprise and research environments. Claude AI was leveraged throughout the development lifecycle for code generation, architecture design, debugging, and optimisation, illustrating the practical utility of large language models in applied cybersecurity engineering.