
Network intrusion detection systems (IDS) are critical for cybersecurity, yet existing solutions face significant limitations: cloud-based approaches introduce privacy concerns, bandwidth costs, and latency, while resource-intensive multi-model ensemble approaches are computationally infeasible for edge devices such as Wi-Fi routers and network gateways. This study addresses the research question: Can we develop an accurate, single-model intrusion detection system suitable for deployment on resource-constrained edge devices? We propose a lightweight IDS combining three key techniques: (1) Principal Component Analysis (PCA) for aggressive dimensionality reduction from 79 to 20 features (75% reduction), (2) quota sampling to address severe class imbalance in network traffic data, and (3) single-model machine learning for efficient classification. Using the CICIDS2017 benchmark dataset (2.2 million network flows), we trained and evaluated two models: Random Forest and Artificial Neural Networks (ANN). Results: Random Forest achieved 99.84% overall accuracy (95% CI: 99.82-99.85%) with high precision (>99%) across most attack types. Per-class analysis revealed excellent detection for major attack types (DoS: 99.93%, DDoS: 99.97%, Port Scan: 99.44%, Brute Force: 98-99%), though detection of rare attacks (Infiltration: 68%, Botnet: 0%) remained challenging due to limited training samples. ANN achieved 97.65% accuracy with comparable inference speed but lower per-class performance. PCA-based feature reduction retained 94.8% of original data variance without accuracy degradation. Cross-validation (5-fold stratified) confirmed model generalization (99.84% ± 0.015%). Practical impact: The single-model architecture achieves 90% computational reduction compared to traditional 10-model ensemble approaches, with inference latency of ~2 milliseconds per sample, suitable for real-time edge deployment. Computational requirements are minimal: <5% CPU utilization on standard Wi-Fi router hardware, <100 MB memory during execution, and 2.5 MB model storage. Conclusion: This work demonstrates that high-accuracy, sophisticated intrusion detection (99.84%) is achievable on resource-constrained edge devices without requiring cloud infrastructure, multi-model ensembles, or excessive feature engineering. These findings open pathways for privacy-preserving, cost-effective network security at the network edge.
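The three-stage pipeline named in the abstract (quota sampling, PCA from 79 to 20 features, one Random Forest), as an added sketch using scikit-learn; it is not the authors' code. The synthetic flows, the class sizes, the per-class quota of 2000 and the 50 trees are assumptions, since the abstract gives no sampling rule or hyperparameters.

```python
import numpy as np
from sklearn.decomposition import PCA
from sklearn.ensemble import RandomForestClassifier
from sklearn.metrics import recall_score
from sklearn.model_selection import train_test_split
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler

def make_flows(counts, n_features=79, seed=0):
    """Constructed stand-in for flow records: one Gaussian cluster per class."""
    rng = np.random.default_rng(seed)
    X, y = [], []
    for label, n in enumerate(counts):
        center = rng.normal(0, 3, n_features)
        X.append(center + rng.normal(0, 1, (n, n_features)))
        y.append(np.full(n, label))
    return np.vstack(X), np.concatenate(y)

def quota_sample(X, y, quota, seed=0):
    """Keep at most `quota` rows per class (assumed rule: a simple per-class cap)."""
    rng = np.random.default_rng(seed)
    keep = []
    for label in np.unique(y):
        idx = np.flatnonzero(y == label)
        keep.append(rng.choice(idx, min(quota, idx.size), replace=False))
    keep = np.concatenate(keep)
    return X[keep], y[keep]

def train_and_evaluate(counts=(20000, 3000, 400, 40), quota=2000, seed=0):
    X, y = make_flows(counts, seed=seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    # Sample the training split only; the test split keeps its natural imbalance.
    X_q, y_q = quota_sample(X_tr, y_tr, quota, seed)
    model = make_pipeline(
        StandardScaler(),
        PCA(n_components=20, random_state=seed),
        RandomForestClassifier(n_estimators=50, random_state=seed))
    model.fit(X_q, y_q)
    per_class_recall = recall_score(y_te, model.predict(X_te), average=None)
    retained = model.named_steps["pca"].explained_variance_ratio_.sum()
    return np.bincount(y_q), per_class_recall, retained

if __name__ == "__main__":
    counts, recall, retained = train_and_evaluate()
    print("training rows per class:", counts)
    print("per-class recall:", recall.round(3), "variance retained:", round(retained, 3))
```

Reporting recall per class rather than overall accuracy is what exposes weak detection of rare classes, the effect the abstract reports for Infiltration and Botnet.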
Intrusion detection, edge computing, Random Forest, Principal Component Analysis, dimensionality reduction, network security, machine learning, IoT security, resource-constrained deployment, cybersecurity
