HYBRID ARTIFICIAL INTELLIGENCE ARCHITECTURES FOR PREDICTING BEHAVIORAL ANOMALIES IN NETWORK TRAFFIC
DOI:
https://doi.org/10.35546/kntu2078-4481.2026.1.47Keywords:
network cybersecurity, early threat detection, predictive analysis, adaptive models, anomalous behavior, distributed networks, model robustness, data drift, explainability of decisionsAbstract
The relevance of this study is driven by the rapid growth in the volume and diversity of network traffic, increasing complexity of modern distributed network architectures, and a rising frequency of sophisticated cyber incidents manifested as behavioral anomalies. Under these conditions, traditional signature-based and isolated model-driven traffic analysis approaches fail to provide sufficient accuracy, robustness, and timeliness of response, which necessitates the adoption of integrated intelligent methods for predicting anomalous network behavior. The purpose of the article is to substantiate methodological approaches and to improve the effectiveness of predicting behavioral anomalies in network traffic through the use of hybrid artificial intelligence architectures, hereinafter referred to as AI, capable of providing adaptive, robust, and anticipatory detection of anomalous network behavior in dynamic and heterogeneous network environments. The research methods are based on a theoretical analysis of contemporary scientific sources in the fields of AI and cybersecurity, a systems approach to the study of network processes, logical generalization of results, and comparative analysis of approaches to anomaly prediction in network traffic using different classes of intelligent models. The research results demonstrate that the isolated application of individual AI models is of limited effectiveness for early prediction of behavioral anomalies, whereas their architectural integration enables comprehensive consideration of temporal, structural, and contextual characteristics of traffic. It is established that hybrid AI architectures improve prediction accuracy and robustness, reduce model sensitivity to data drift, and create a temporal advantage for preventive response. Key scientific and practical challenges in the implementation of such solutions are identified, including limited quality of training data, system scalability, interpretability of results, and risks of targeted model manipulation. Conclusions. Hybrid AI architectures should be considered a systemic foundation for intelligent network traffic analysis, enabling a transition from reactive incident detection to proactive, prediction-oriented cybersecurity management. Prospects for further research are associated with deepening the theoretical foundations of hybrid AI architecture design, developing harmonized criteria for evaluating the quality of early prediction, and investigating approaches to enhancing the robustness of intelligent traffic analysis systems in distributed and critical network infrastructures.
References
Bershchanskyi Y., Klym H., Shevchuk Y. Containerized Artificial Intelligent System Design in Cloud and Cyber-Physical Systems. Advances in Cyber-Physical Systems. 2024. Vol. 9, no. 2. P. 151–157. URL: https://doi.org/10.23939/acps2024.02.151 (date of access: 05.01.2026).
Опірський І. Р., Хохлачова Ю. Є., Стефанків А. В., Шевчук Ю. А. Аналіз технічних особливостей реалізації шифрування даних на SD-картах в Android. Сучасний захист інформації. 2025. Вип. 1, № 61. С. 219–228. DOI: https://doi.org/10.31673/2409-7292.2025.016526
Hunko I. How to Effectively Reduce Software Testing Time: From Requirements to Regression. Lodz: Futurity Research Publishing, 2025. 158 p. URL: https://futurity-publishing.com/wp-content/uploads/2025/04/7%D0%9F-29.03.25-3.pdf
Hybrid TrafficAI: A Generative AI Framework for Real-Time Traffic Simulation and Adaptive Behavior Modeling / H. Bilal et al. IEEE Transactions on Intelligent Transportation Systems. 2025. P. 1–17. URL: https://doi.org/10.1109/tits.2025.3571041 (date of access: 05.01.2026).
Intelligent Hybrid Model to Enhance Time Series Models for Predicting Network Traffic / T. H. H. Aldhyani et al. IEEE Access. 2020. Vol. 8. P. 130431–130451. URL: https://doi.org/10.1109/access.2020.3009169 (date of access: 05.01.2026).
A hybrid ensemble machine learning model for detecting APT attacks based on network behavior anomaly detection / N. Saini et al. Concurrency and Computation: Practice and Experience. 2023. Vol. 35, № 28. Article e7865. URL: https://doi.org/10.1002/cpe.7865 (date of access: 05.01.2026).
Nasreen Fathima A. H., Syed Ibrahim S. P., Khraisat A. Enhancing Network Traffic Anomaly Detection: Leveraging Temporal Correlation Index in a Hybrid Framework. IEEE Access. 2024. Vol. 12. P. 136805–136824.URL: https://doi.org/10.1109/access.2024.3458903 (date of access: 05.01.2026).
Cao H. The detection of abnormal behavior by artificial intelligence algorithms under network security. IEEE Access: Practical Innovations, Open Solutions. 2024. Vol. 12. P. 118605-118617. URL: https://doi.org/10.1109/access.2024.3436541 (date of access: 07.01.2026).
Deep neural network based anomaly detection in Internet of Things network traffic tracking for the applications of future smart cities / D. K. Reddy et al. Transactions on Emerging Telecommunications Technologies. 2020. URL: https://doi.org/10.1002/ett.4121 (date of access: 05.01.2026).
An efficient network behavior anomaly detection using a hybrid DBN-LSTM network / A. Chen et al. Computers & Security. 2022. Vol. 114. P. 102600. URL: https://doi.org/10.1016/j.cose.2021.102600 (date of access: 05.01.2026)
A hybrid deep learning based intrusion detection system using spatial-temporal representation of in-vehicle network traffic / W. Lo et al. Vehicular Communications. 2022. Vol. 35. P. 100471. URL: https://doi.org/10.1016/j.vehcom.2022.100471 (date of access: 05.01.2026).
Nascita A., Aceto G., Ciuonzo D., Montieri A., Persico V., Pescapé A. A Survey on Explainable Artificial Intelligence for Internet Traffic Classification and Prediction, and Intrusion Detection. IEEE Communications Surveys & Tutorials. 2025. Vol. 27, № 5. P. 3165–3198. URL: https://doi.org/10.1109/comst.2024.3504955 (date of access: 05.01.2026).
Ullah I., Ullah A., Sajjad M. Towards a Hybrid Deep Learning Model for Anomalous Activities Detection in Internet of Things Networks. IoT. 2021. Vol. 2, no. 3. P. 428–448. URL: https://doi.org/10.3390/iot2030022 (date of access: 05.01.2026).
Darshan S., Radhika N., Radhika G. Predicting and Evaluating Anomaly Detection and Traffic Analysis on Software Defined Networks Using a Hybrid Machine Learning Approach. Lecture Notes in Electrical Engineering. Singapore, 2025. P. 521–532. URL: https://doi.org/10.1007/978-981-97-4540-1_38 (date of access: 05.01.2026).
AI Driven Anomaly Detection in Network Traffic Using Hybrid CNN-GAN / V. S. Rao et al. Journal of Advances in Information Technology. 2024. Vol. 15, no. 7. P. 886–895. URL: https://doi.org/10.12720/jait.15.7.886-895 (date of access: 05.01.2026).
