Academic Journals Database
Disseminating quality controlled scientific knowledge

Firewall Policy Management Through Sliding Window Filtering Method Using Data Mining Techniques

Author(s): Srinivasa Rao | Boddi Reddy Rama | K.Naga Mani

Journal: International Journal of Computer Science and Engineering Survey
ISSN 0976-3252

Volume: 2
Issue: 2
Start page: 39
Date: 2011

Keywords: Computer Security | Firewall | Policy Management | Data Mining | Association Rule

ABSTRACT
As the number of security incidents has grown sharply, the issue of security defense has drawn more and more attention from the network community in past years. The firewall is known as one of the most popular security-defense mechanisms for corporations. It is the first line of defense in a corporation's security infrastructure against external intrusions and threats. A firewall filters packets by following its policy rules to prevent suspicious intruders from executing illegal actions and damaging the internal network. Well-designed policy rules can increase the security-defense effect against security risk. In this paper, we apply association rule mining to analyze network logs and detect anomalous behaviors, such as connections that appear frequently in a short period with the same source IP and port. From these anomalous behaviors, we can infer useful, up-to-date and efficient firewall policy rules. Compared with the method proposed in [18], we utilize incremental mining to handle the increasingly changing traffic log data. The proposed method can greatly enhance the execution performance of data analysis. Experimental results show that the execution efficiency of our method is better than that of traditional methods when dealing with large log files.
