Hybridization of computational intelligence methods for attack detection in computer networks

The paper is devoted to identification and classification of network traffic connections by various hybridization schemes with the goal of efficient network attack detection. For this purpose the combination of different methods of computational intelligence is used, namely neural networks, immune systems, neuro-fuzzy classifiers and support vector machines. To increase the speed of processing of input vectors it is proposed to apply the method of principal components. A distinctive feature and advantage of the approach suggested is a multi-level analysis of network traffic, providing the possibility to detect attacks by a signature based technique and combining a set of adaptive detectors based on computational intelligence methods. The paper describes a software tool that is built on the basis of the proposed hybridization mechanisms. Computational experiments were carried out that serve as evidence of their effectiveness in detection of both known and unknown attacks.