论文信息 - Development of Firewall System for Automated Policy Rule Generation based on Machine learning

Development of Firewall System for Automated Policy Rule Generation based on Machine learning

Conventional firewalls cannot cope with attacks immediately. It is because security professionals or administrators need to analyze them and enter relevant policies to the firewalls. In addition, those policies may often block even normal accesses. Even though the packet themselves are normal, there exist many attacks that cause denial of service due to the inflow of a large amount of those packets. In this paper, we propose a method to block attacks such as Flooding, Spoofing and Scanning while allowing normal accesses based on whitelist policies which are automatedly generated by learning normal access patterns.

Seong Oun Hwang | KyungHyun Han | S. Hwang | Kyunghyun Han

[2] Christian Borgelt,et al. Induction of Association Rules: Apriori Implementation , 2002, COMPSTAT.

[3] Saiyan Saiyod,et al. Improving Intrusion Detection System Based on Snort Rules for Network Probe Attacks Detection with Association Rules Technique of Data Mining , 2015 .

[4] Rakesh Agarwal,et al. Fast Algorithms for Mining Association Rules , 1994, VLDB 1994.

[5] Eun-Young Cheon,et al. Analysis of the Network Traffic Collection Performance Using Suricata , 2019 .

[6] Sung-Ho Yoon,et al. SigBox: Automatic Signature Generation Method for Fine-grained Traffic Identification , 2017, J. Inf. Sci. Eng..