Neural-fuzzy prediction of self-similar traffic of information and communication networks for attack detection systems

Authors

  • O. Gerasina

DOI:

https://doi.org/10.34185/1562-9945-5-161-2025-01

Keywords:

attack detection, information and communication network, prediction, self-similar traffic, adaptive fuzzy inference network, global optimization

Abstract

It was established that a pressing task is to build adequate predictive models of self-similar network traffic that can be used in IDS to detect network anomalies in real time, with sufficient efficiency in terms of errors and reliability, and with increased efficiency. It is proposed to predict the self-similar traffic of information and communication networks with adaptive filter-approximators (AFA) in the form of adaptive fuzzy inference systems based on the Sugeno-Takagi, Takagi-Sugeno-Kang and Wang-Mendel algorithms. Because the problem of substantiating the type of neuro-fuzzy AFA and setting its parameters is polymodal, it requires global optimization methods. The network traffic forecasting process was modeled in the MATLAB environment on experimental data: traffic transmitted over the Internet. Multi-criteria optimization, direct random search and the simulated annealing method were used as global optimization methods. The criterion of non-displacement (minimum shift) served as the global optimization criterion, and the regularity criterion, calculated on the test sample, served as the parametric optimization criterion. The modeling showed that direct random search and multi-criteria optimization have the best convergence speed, the simulated annealing method showed the best performance, and the multi-criteria optimization algorithm showed the best convergence. It was also established that the minimum of the regularity criterion is achieved by the ANFIS AFA based on the Takagi-Sugeno-Kang algorithm and trained by a hybrid algorithm. The adequacy of the resulting traffic models of information and communication networks to the experimental data was checked and confirmed by the non-parametric sign criterion.
Further research should be aimed at substantiating and investigating the informativeness of the characteristics and models of self-similar network traffic and the effectiveness of the criteria and methods for recognizing attacks.

Published

2025-12-05