Download PDFOpen PDF in browserClassification of Firewall Logs Actions Using Machine Learning Techniques and Deep Neural NetworkEasyChair Preprint 831710 pages•Date: June 19, 2022AbstractA firewall can be a software or hardware tool used to monitor and report network traffic with a set of rules that controls certain packets before they reach a network server. It is important to analyse and manage firewall logs sent over the Internet to determine the contents of packets passing through the users’ network and to avoid serious damage to users’ device or private network. The log records of the Turkish Firat University’s firewall device were analyzed using K-Nearest Neighbour (KNN), Random Forest, and Deep Neural Network (DNN) classifiers. The performance of the classifiers was compared based on accuracy, precision, F1-Score, and recall measures. In this study, 12 attributes were used, whereby the action’s attribute was used to determine the action that will be taken on the packets (allowed to pass, prevented, blocking the activity , or block the request itself). Results showed that among the other classifiers, the KNN classifier was found to be the most successful, with an accuracy rate of 99.38%. Keyphrases: Deep Neural Network (DNN), Firewall, K-Nearest Neighbour (KNN), Machine Learning (ML), Random Forest (RF)
|