International Journal on Advanced Science, Engineering and Information Technology, Vol. 11 (2021) No. 4, pages: 1688-1695, DOI:10.18517/ijaseit.11.4.14608

Machine Learning Based Model to Identify Firewall Decisions to Improve Cyber-Defense

Qasem Abu Al-Haija, Abdelraouf Ishtaiwi


A firewall system is a security system to ensure traffic control for incoming and outgoing packets passing through communication networks by applying specific decisions to improve cyber-defense and decide against malicious packets. The filtration process matches the traffic packets against predefined rules to preclude cyber threats from getting into the network. Accordingly, the firewall system proceeds with either to “allow,” “deny,” or “drop/reset” the incoming packet. This paper proposes an intelligent classification model that can be employed in the firewall systems to produce proper action for every communicated packet by analyzing packet attributes using two machine learning methods, namely, shallow neural network (SNN), and optimizable decision tree (ODT). Specifically, the proposed models have used to train and classify the Internet Firewall-2019 dataset into three classes: “allow, “deny,” and “drop/reset.” The experimental results exhibited our classification model's superiority, scoring an overall accuracy of 99.8%, and 98.5% for ODT, and SNN respectively. Besides, the suggested system was evaluated using many evaluation metrics, including confusion matrix parameters (TP, TN, FP, FN), true positive rate (TPR), false-negative rate (FNR), positive predictive value (PPV), false discovery rate (FDR), and the receiver operating characteristic (ROC) curves for the developed three-class classifier. Ultimately, the proposed system outpaced many existing up-to-date firewall classification systems in the same area of study.


Artificial intelligence; shallow neural network; decision tree; network security; firewalls; firewall logs; classification.

Viewed: 1257 times (since abstract online)

cite this paper     download