The growing prevalence of cyberattacks against network-connected systems increases the need for accurate intrusion and attack detection (AD) systems that can react rapidly at the network access ports. Machine learning has often been used for AD because of the high accuracy it can offer, and its fast testing speed for real-time attack detection. On the other hand, the data sampling methods used to transform incoming traffic streams into data for real-time testing by AD systems can have an important effect on the detection accuracy, and are seldom discussed in the literature. Here, we address this often neglected aspect, with the Auto-Associative Dense Random Neural Network (AADRNN), a state-of-the-art AD system. After briefly reviewing the literature and comparing the AADRNN attack detector with other state-of-the-art approaches, this paper focuses on choosing the values of the data sampling parameters and the decision threshold to obtain the best accuracy from this AD method. Experiments regarding Botnet attack detection using the Mirai dataset, as well as synthetic flood attacks conducted on an experimental IoT test-bed are used to illustrate the results, and to guide the parameter choices that maximize the AADRNN’s True Positive Rate and minimize its False Positive Rate.