DOI: https://doi.org/10.36347/sjpms.2026.v13i04.003

Pages: 174-183

This study introduces a hybrid cybersecurity anomaly detection model that integrates Support Vector Machine (SVM) regression with time series analysis for real-time threat detection in network traffic. The model addresses key challenges in intrusion detection, such as high false positive rates, limited adaptability to evolving threats, and the computational burden associated with deep learning methods. The model was evaluated using the KDD Cup 1999 dataset and compared against several time series models, including ARIMA, SARIMA, Holt-Winters, Prophet, Autoregressive (AR), Moving Average (MA), and Autoregressive Moving Average (ARMA). The hybrid model outperformed all these traditional time series models, achieving an accuracy of 89.7%, an F1-score of 0.86, and a significantly reduced false positive rate of 0.10. Additionally, it produced the highest AUC-ROC score of 0.91, demonstrating superior classification capability. These results highlight the model’s effectiveness in real-time cybersecurity applications, offering a balanced approach between precision, recall, and computational efficiency.