AI Analysis Module

AI Analysis Module automatically detects anomalies in Suricata network traffic (flow, DNS, HTTP, TLS) using machine learning. It extracts features, cleans data, and applies Isolation Forest models to identify suspicious activity in real time. Results are stored in Redis and visualized through a web dashboard with anomaly timelines and traffic statistics.