Abstract
Intrusion detection is an important task on network cybersecurity. Intrusion detection systems solve this problem by using various methods. An analysis of the relevant works that offer possible solutions are presented, and a description of the proposed complex method that allows online identification of attacks is provided. The proposed complex method based on the joint application of the signature analysis method, entropy protocols analysis method, and machine learning method for behavior traffic analysis. The probability of intrusion detection used and based on the confusion matrix, the completeness, and the F-measure. There is a problem not only to detect the attacks but to identify the type of ones. Many attacks can be detected by using the proposed complex method, but also, this method allows to identify the type of attack and choose the type of defenses. The proposed complex method was compared to existing methods. Simulation results have shown that the proposed method better identifies attacks and has fewer false positives detections.