Cite Article

Machine Learning Based Model to Identify Firewall Decisions to Improve Cyber-Defense

Choose citation format

BibTeX

@article{IJASEIT14608,
   author = {Qasem Abu Al-Haija and Abdelraouf Ishtaiwi},
   title = {Machine Learning Based Model to Identify Firewall Decisions to Improve Cyber-Defense},
   journal = {International Journal on Advanced Science, Engineering and Information Technology},
   volume = {11},
   number = {4},
   year = {2021},
   pages = {1688--1695},
   keywords = {Artificial intelligence; shallow neural network; decision tree; network security; firewalls; firewall logs; classification.},
   abstract = {

A firewall system is a security system to ensure traffic control for incoming and outgoing packets passing through communication networks by applying specific decisions to improve cyber-defense and decide against malicious packets. The filtration process matches the traffic packets against predefined rules to preclude cyber threats from getting into the network. Accordingly, the firewall system proceeds with either to “allow,” “deny,” or “drop/reset” the incoming packet. This paper proposes an intelligent classification model that can be employed in the firewall systems to produce proper action for every communicated packet by analyzing packet attributes using two machine learning methods, namely, shallow neural network (SNN), and optimizable decision tree (ODT). Specifically, the proposed models have used to train and classify the Internet Firewall-2019 dataset into three classes: “allow, “deny,” and “drop/reset.” The experimental results exhibited our classification model's superiority, scoring an overall accuracy of 99.8%, and 98.5% for ODT, and SNN respectively. Besides, the suggested system was evaluated using many evaluation metrics, including confusion matrix parameters (TP, TN, FP, FN), true positive rate (TPR), false-negative rate (FNR), positive predictive value (PPV), false discovery rate (FDR), and the receiver operating characteristic (ROC) curves for the developed three-class classifier. Ultimately, the proposed system outpaced many existing up-to-date firewall classification systems in the same area of study.

},    issn = {2088-5334},    publisher = {INSIGHT - Indonesian Society for Knowledge and Human Development},    url = {http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=14608},    doi = {10.18517/ijaseit.11.4.14608} }

EndNote

%A Abu Al-Haija, Qasem
%A Ishtaiwi, Abdelraouf
%D 2021
%T Machine Learning Based Model to Identify Firewall Decisions to Improve Cyber-Defense
%B 2021
%9 Artificial intelligence; shallow neural network; decision tree; network security; firewalls; firewall logs; classification.
%! Machine Learning Based Model to Identify Firewall Decisions to Improve Cyber-Defense
%K Artificial intelligence; shallow neural network; decision tree; network security; firewalls; firewall logs; classification.
%X 

A firewall system is a security system to ensure traffic control for incoming and outgoing packets passing through communication networks by applying specific decisions to improve cyber-defense and decide against malicious packets. The filtration process matches the traffic packets against predefined rules to preclude cyber threats from getting into the network. Accordingly, the firewall system proceeds with either to “allow,” “deny,” or “drop/reset” the incoming packet. This paper proposes an intelligent classification model that can be employed in the firewall systems to produce proper action for every communicated packet by analyzing packet attributes using two machine learning methods, namely, shallow neural network (SNN), and optimizable decision tree (ODT). Specifically, the proposed models have used to train and classify the Internet Firewall-2019 dataset into three classes: “allow, “deny,” and “drop/reset.” The experimental results exhibited our classification model's superiority, scoring an overall accuracy of 99.8%, and 98.5% for ODT, and SNN respectively. Besides, the suggested system was evaluated using many evaluation metrics, including confusion matrix parameters (TP, TN, FP, FN), true positive rate (TPR), false-negative rate (FNR), positive predictive value (PPV), false discovery rate (FDR), and the receiver operating characteristic (ROC) curves for the developed three-class classifier. Ultimately, the proposed system outpaced many existing up-to-date firewall classification systems in the same area of study.

%U http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=14608 %R doi:10.18517/ijaseit.11.4.14608 %J International Journal on Advanced Science, Engineering and Information Technology %V 11 %N 4 %@ 2088-5334

IEEE

Qasem Abu Al-Haija and Abdelraouf Ishtaiwi,"Machine Learning Based Model to Identify Firewall Decisions to Improve Cyber-Defense," International Journal on Advanced Science, Engineering and Information Technology, vol. 11, no. 4, pp. 1688-1695, 2021. [Online]. Available: http://dx.doi.org/10.18517/ijaseit.11.4.14608.

RefMan/ProCite (RIS)

TY  - JOUR
AU  - Abu Al-Haija, Qasem
AU  - Ishtaiwi, Abdelraouf
PY  - 2021
TI  - Machine Learning Based Model to Identify Firewall Decisions to Improve Cyber-Defense
JF  - International Journal on Advanced Science, Engineering and Information Technology; Vol. 11 (2021) No. 4
Y2  - 2021
SP  - 1688
EP  - 1695
SN  - 2088-5334
PB  - INSIGHT - Indonesian Society for Knowledge and Human Development
KW  - Artificial intelligence; shallow neural network; decision tree; network security; firewalls; firewall logs; classification.
N2  - 

A firewall system is a security system to ensure traffic control for incoming and outgoing packets passing through communication networks by applying specific decisions to improve cyber-defense and decide against malicious packets. The filtration process matches the traffic packets against predefined rules to preclude cyber threats from getting into the network. Accordingly, the firewall system proceeds with either to “allow,” “deny,” or “drop/reset” the incoming packet. This paper proposes an intelligent classification model that can be employed in the firewall systems to produce proper action for every communicated packet by analyzing packet attributes using two machine learning methods, namely, shallow neural network (SNN), and optimizable decision tree (ODT). Specifically, the proposed models have used to train and classify the Internet Firewall-2019 dataset into three classes: “allow, “deny,” and “drop/reset.” The experimental results exhibited our classification model's superiority, scoring an overall accuracy of 99.8%, and 98.5% for ODT, and SNN respectively. Besides, the suggested system was evaluated using many evaluation metrics, including confusion matrix parameters (TP, TN, FP, FN), true positive rate (TPR), false-negative rate (FNR), positive predictive value (PPV), false discovery rate (FDR), and the receiver operating characteristic (ROC) curves for the developed three-class classifier. Ultimately, the proposed system outpaced many existing up-to-date firewall classification systems in the same area of study.

UR - http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=14608 DO - 10.18517/ijaseit.11.4.14608

RefWorks

RT Journal Article
ID 14608
A1 Abu Al-Haija, Qasem
A1 Ishtaiwi, Abdelraouf
T1 Machine Learning Based Model to Identify Firewall Decisions to Improve Cyber-Defense
JF International Journal on Advanced Science, Engineering and Information Technology
VO 11
IS 4
YR 2021
SP 1688
OP 1695
SN 2088-5334
PB INSIGHT - Indonesian Society for Knowledge and Human Development
K1 Artificial intelligence; shallow neural network; decision tree; network security; firewalls; firewall logs; classification.
AB 

A firewall system is a security system to ensure traffic control for incoming and outgoing packets passing through communication networks by applying specific decisions to improve cyber-defense and decide against malicious packets. The filtration process matches the traffic packets against predefined rules to preclude cyber threats from getting into the network. Accordingly, the firewall system proceeds with either to “allow,” “deny,” or “drop/reset” the incoming packet. This paper proposes an intelligent classification model that can be employed in the firewall systems to produce proper action for every communicated packet by analyzing packet attributes using two machine learning methods, namely, shallow neural network (SNN), and optimizable decision tree (ODT). Specifically, the proposed models have used to train and classify the Internet Firewall-2019 dataset into three classes: “allow, “deny,” and “drop/reset.” The experimental results exhibited our classification model's superiority, scoring an overall accuracy of 99.8%, and 98.5% for ODT, and SNN respectively. Besides, the suggested system was evaluated using many evaluation metrics, including confusion matrix parameters (TP, TN, FP, FN), true positive rate (TPR), false-negative rate (FNR), positive predictive value (PPV), false discovery rate (FDR), and the receiver operating characteristic (ROC) curves for the developed three-class classifier. Ultimately, the proposed system outpaced many existing up-to-date firewall classification systems in the same area of study.

LK http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=14608 DO - 10.18517/ijaseit.11.4.14608