Download PDFOpen PDF in browser

Classification of Firewall Logs Actions Using Machine Learning Techniques and Deep Neural Network

EasyChair Preprint 8317

10 pagesDate: June 19, 2022

Abstract

A firewall can be a software or hardware tool used to monitor and report network traffic with a set of rules that controls certain packets before they reach a network server. It is important to analyse and manage firewall logs sent over the Internet to determine the contents of packets passing through the users’ network and to avoid serious damage to users’ device or private network. The log records of the Turkish Firat University’s firewall device were analyzed using K-Nearest Neighbour (KNN), Random Forest, and Deep Neural Network (DNN) classifiers. The performance of the classifiers was compared based on accuracy, precision, F1-Score, and recall measures. In this study, 12 attributes were used, whereby the action’s attribute was used to determine the action that will be taken on the packets (allowed to pass, prevented, blocking the activity , or block the request itself). Results showed that among the other classifiers, the KNN classifier was found to be the most successful, with an accuracy rate of 99.38%.

Keyphrases: Deep Neural Network (DNN), Firewall, K-Nearest Neighbour (KNN), Machine Learning (ML), Random Forest (RF)

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:8317,
  author    = {Batool Al-Tarawneh and Hani Bani-Salameh},
  title     = {Classification of Firewall Logs Actions Using Machine Learning Techniques and Deep Neural Network},
  howpublished = {EasyChair Preprint 8317},
  year      = {EasyChair, 2022}}
Download PDFOpen PDF in browser