Computational Intelligence (CI) is a sub-branch of Artificial Intelligence paradigm focusing on the study of adaptive mechanisms to enable or facilitate intelligent behavior in complex and changing environments. There are several paradigms of CI [like artificial neural networks, evolutionary computations, swarm intelligence, artificial immune systems, fuzzy systems and many others], each of these has its origins in biological systems [biological neural systems, natural Darwinian evolution, social behavior, immune system, interactions of organisms with their environment]. Most of those paradigms evolved into separate machine learning (ML) techniques, where probabilistic methods are used complementary with CI techniques in order to effectively combine elements of learning, adaptation, evolution and Fuzzy logic to create heuristic algorithms that are, in some sense, intelligent. The current trend is to develop consensus techniques, since no single machine learning algorithms is superior to others in all possible situations. In order to overcome this problem several meta-approaches were proposed in ML focusing on the integration of results from different methods into single prediction. We discuss here the Landau theory for the nonlinear equation that can describe the adaptive integration of information acquired from an ensemble of independent learning agents. The influence of each individual agent on other learners is described similarly to the social impact theory. The final decision outcome for the consensus system is calculated using majority rule in the stationary limit, yet the minority solutions can survive inside the majority population as the complex intermittent clusters of opposite opinion.

In this work we set the basis of a framework for modeling and building computer network attacks. The main purpose of this framework is to provide a tool for automating the risk assessment process, in particular penetration tests, providing a further step in the direction of a tool like Core Impact [Co02]. This work has also a theoretical value: "we understand what we can build." Our framework, considered as a functional model of the attacking process, will provide the community with a deeper and more detailed model of the attacks and intrusions of computer networks. Finally, it can be used by a system administrator to simulate attacks against his network, evaluate the vulnerabilities of the network and determine which countermeasures will make it safe. 1 After reviewing related work, we describe in the second section the components of our model-probabilistic assets, quantified goals, agents and actionsand their relations. In the third section we describe the principal applications of this model: automated planning of attacks and attack simulations.

Information system is an arrangement of people, data, processes, and information technology that interact to collect, process, store, and provide as output the information needed to support an organization [4]. There are many information systems which become sub information system that will collaborate one and others in one information system. They are: 1) TPS (Transactional Processing System) 2) SCM (Supply Chain Management) 3) CRM (Customer Relationship Management) 4) OLTP (Online Transactional Processing) 5) ES (Expert System) 6) EIS (Executive Information System) 7) MIS (Management Information System) 8) DW (Data Warehouse) 9) BI (Business Intelligence) 10) OLAP (Online Analytical Processing) 11) DSS (Decision Support System) In the implementation the information system has been created as management level's needed. For example like TPS, OLTP, CRM, and SCM are designed for low level management to capture data and MIS, DW, OLAP, Expert System and DSS are designed for middle management, while EIS is designed for high level management. Although for some information system are designed for all management level like SCM,CRM, OLAP, DW, Expert System, and DSS. Figure 1 shows this type of information system and the level management allocation.

In Aerts & Gabora (2005a,b), we introduced a modeling scheme for concepts and their combinations that makes use of the mathematical formalism of quantum physics. This quantum modeling scheme has been further worked out in Aerts (2009a) and Aerts (2010a,b). The experimental data we used to create our modeling scheme were data collected in experiments with human subjects that were conducted within the framework of concepts research in psychology (Hampton 1988a,b). These experiments required human subjects to estimate typicalities of exemplars of concepts and their combinations. The results of these estimations were in conflict with how combinations of concepts such as'conjunction' and'disjunction' were expected to behave classically, as prescribed by classical logic or set theory. Hampton called these deviations from classical behavior'overextension' and'underextension', depending on their relation to the classically expected values of typicality (Hampton 1988a,b).

Finding interesting rule in the sixth strategy step about threshold control on generalized relations in attribute oriented induction, there is possibility to select candidate attribute for further generalization and merging of identical tuples until the number of tuples is no greater than the threshold value, as implemented in basic attribute oriented induction algorithm. At this strategy step there is possibility the number of tuples in final generalization result still greater than threshold value. In order to get the final generalization result which only small number of tuples and can be easy to transfer into simple logical formula, the seventh strategy step about rule transformation is evolved where there will be simplification by unioning or grouping the identical attribute. Our approach to measure interesting rule is opposite with heuristic measurement approach by Fudger and Hamilton where the more complex concept hierarchies, more interesting results are likely to be found, but our approach the simpler concept hierarchies, more interesting results are likely to be found and the more complex concept hierarchies, more complex process generalization in concept tree. The decision to find interesting rule is influenced with wide or length and depth or level of concept tree.

The current investigations on hyper-heuristics design have sprung up in two different flavours: heuristics that choose heuristics and heuristics that generate heuristics. In the latter, the goal is to develop a problem-domain independent strategy to automatically generate a good performing heuristic for the problem at hand. This can be done, for example, by automatically selecting and combining different low-level heuristics into a problem specific and effective strategy. Hyper-heuristics raise the level of generality on automated problem solving by attempting to select and/or generate tailored heuristics for the problem at hand. Some approaches like genetic programming have been proposed for this. In this paper, we explore an elegant nature-inspired alternative based on self-assembly construction processes, in which structures emerge out of local interactions between autonomous components. This idea arises from previous works in which computational models of self-assembly were subject to evolutionary design in order to perform the automatic construction of user-defined structures. Then, the aim of this paper is to present a novel methodology for the automated design of heuristics by means of self-assembly.

The rigorous theoretical analyses of algorithms for #SAT have been proposed in the literature. As we know, previous algorithms for solving #SAT have been analyzed only regarding the number of variables as the parameter. However, the time complexity for solving #SAT instances depends not only on the number of variables, but also on the number of clauses. Therefore, it is significant to exploit the time complexity from the other point of view, i.e. the number of clauses. In this paper, we present algorithms for solving #2-SAT and #3-SAT with rigorous complexity analyses using the number of clauses as the parameter. By analyzing the algorithms, we obtain the new worst-case upper bounds O(1.1892m) for #2-SAT and O(1.4142m) for #3-SAT, where m is the number of clauses.

Innate immunity now occupies a central role in immunology. However, artificial immune system models have largely been inspired by adaptive not innate immunity. This paper reviews the biological principles and properties of innate immunity and, adopting a conceptual framework, asks how these can be incorporated into artificial models. The aim is to outline a meta-framework for models of innate immunity.

A new emerging paradigm of Uncertain Risk of Suspicion, Threat and Danger, observed across the field of information security, is described. Based on this paradigm a novel approach to anomaly detection is presented. Our approach is based on a simple yet powerful analogy from the innate part of the human immune system, the Toll-Like Receptors. We argue that such receptors incorporated as part of an anomaly detector enhance the detector's ability to distinguish normal and anomalous behaviour. In addition we propose that Toll-Like Receptors enable the classification of detected anomalies based on the types of attacks that perpetrate the anomalous behaviour. Classification of such type is either missing in existing literature or is not fit for the purpose of reducing the burden of an administrator of an intrusion detection system. For our model to work, we propose the creation of a taxonomy of the digital Acytota, based on which our receptors are created.

The Dendritic Cell Algorithm (DCA) is an immune-inspired algorithm, developed for the purpose of anomaly detection. The algorithm performs multi-sensor data fusion and correlation which results in a 'context aware' detection system. Previous applications of the DCA have included the detection of potentially malicious port scanning activity, where it has produced high rates of true positives and low rates of false positives. In this work we aim to compare the performance of the DCA and of a Self-Organizing Map (SOM) when applied to the detection of SYN port scans, through experimental analysis. A SOM is an ideal candidate for comparison as it shares similarities with the DCA in terms of the data fusion method employed. It is shown that the results of the two systems are comparable, and both produce false positives for the same processes. This shows that the DCA can produce anomaly detection results to the same standard as an established technique.