
Mining Frequent Patterns in Firewall Logs Using Apriori Algorithm with WEKA

  • Conference paper

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1037))

Abstract

With the enormous growth of security incidents in computer networks, network security defense has gained significant attention from the information industry and the network community. Firewalls are the first line of defense for protecting computer networks and sensitive information. They sit between network segments and mediate the traffic that passes between them, and they are among the most important elements that organizations use to enforce their security policy. An enterprise's security policy is implemented as firewall rules. These rules are sensitive, and any misconfiguration of them produces anomalies. Mining frequent patterns in the itemsets of a dataset is one of the most important topics in data mining. Apriori is one of the simplest and most widely used association rule mining (ARM) algorithms and can be applied efficiently to mine frequent itemsets in a dataset. In this study, we apply the Apriori algorithm in WEKA to extract frequent itemsets from firewall logs and derive the association rules that best capture the general trends in the dataset.
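The abstract describes the technique (level-wise frequent-itemset mining over discretised firewall records, then association rules ranked by confidence) without showing it. The following is an added worked example, written for this page and not code from the paper or from WEKA: a plain-Python Apriori run over a handful of constructed firewall log records. The records, the attribute names (`proto`, `dport`, `src_zone`, `action`) and the thresholds are assumptions chosen for illustration; the algorithm itself is standard Apriori with downward-closure pruning, and the support, confidence and lift measures are the usual ARM definitions.

```python
"""Apriori frequent-itemset mining over discretised firewall log records.

Added example for this page; not the paper's code and not WEKA's Apriori.
"""
from collections import defaultdict
from itertools import combinations

# Constructed sample records (assumed format, not the paper's dataset). Each
# field is already discretised into an attribute=value item, which is the form
# Apriori consumes; WEKA's Apriori likewise needs nominal attributes.
LOG_LINES = [
    "proto=tcp dport=22 src_zone=ext action=deny",
    "proto=tcp dport=22 src_zone=ext action=deny",
    "proto=tcp dport=22 src_zone=ext action=deny",
    "proto=tcp dport=80 src_zone=ext action=allow",
    "proto=tcp dport=443 src_zone=ext action=allow",
    "proto=udp dport=53 src_zone=int action=allow",
    "proto=udp dport=53 src_zone=int action=allow",
    "proto=tcp dport=3389 src_zone=ext action=deny",
    "proto=tcp dport=22 src_zone=int action=allow",
    "proto=icmp dport=- src_zone=ext action=deny",
]


def parse(lines):
    """One transaction (a set of attribute=value items) per log record."""
    return [frozenset(line.split()) for line in lines]


def apriori(transactions, min_support):
    """Return {itemset: support} for every itemset with support >= min_support.

    Level-wise: L1 from single items, then candidates C_k are unions of two
    L_{k-1} sets, kept only if every (k-1)-subset is itself frequent
    (downward closure), then counted against the transactions.
    """
    n = len(transactions)

    def support_filter(candidates):
        counts = defaultdict(int)
        for t in transactions:
            for c in candidates:
                if c <= t:
                    counts[c] += 1
        return {c: k / n for c, k in counts.items() if k / n >= min_support}

    level = support_filter({frozenset([i]) for t in transactions for i in t})
    frequent = dict(level)
    k = 2
    while level:
        candidates = set()
        for a, b in combinations(list(level), 2):
            u = a | b
            if len(u) == k and all(
                frozenset(s) in level for s in combinations(u, k - 1)
            ):
                candidates.add(u)
        level = support_filter(candidates)
        frequent.update(level)
        k += 1
    return frequent


def association_rules(frequent, min_confidence):
    """Rules X -> Y from every frequent itemset of size >= 2.

    Each rule is (antecedent, consequent, support, confidence, lift), sorted
    by confidence, then lift, then support, all descending.
    """
    out = []
    for itemset, supp in frequent.items():
        if len(itemset) < 2:
            continue
        for r in range(1, len(itemset)):
            for ante in map(frozenset, combinations(itemset, r)):
                cons = itemset - ante
                conf = supp / frequent[ante]
                if conf >= min_confidence:
                    out.append((ante, cons, supp, conf, conf / frequent[cons]))
    out.sort(key=lambda rule: (-rule[3], -rule[4], -rule[2]))
    return out


def find_rule(rules, antecedent, consequent):
    """Look up one rule by its antecedent and consequent item sets."""
    ante, cons = frozenset(antecedent), frozenset(consequent)
    for rule in rules:
        if rule[0] == ante and rule[1] == cons:
            return rule
    return None


if __name__ == "__main__":
    freq = apriori(parse(LOG_LINES), min_support=0.3)
    for ante, cons, supp, conf, lift in association_rules(freq, 0.9):
        print(f"{sorted(ante)} => {sorted(cons)} "
              f"supp={supp:.2f} conf={conf:.2f} lift={lift:.2f}")
```

On this sample the rule `dport=22, src_zone=ext => action=deny` comes out with confidence 1.0 and lift 2.0: it is the policy as the firewall actually applied it, recovered from the logs alone. The practical check is to compare such high-confidence rules against the intended rule base; a confident rule that contradicts the written policy (or a policy rule that never surfaces as a frequent pattern) is where to look for a misconfigured or shadowed rule. Support is counted as a fraction of records, so choose the threshold relative to the log volume.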




Corresponding author

Correspondence to Hajar Esmaeil As-Suhbani.


Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper


Cite this paper

As-Suhbani, H.E., Khamitkar, S.D. (2019). Mining Frequent Patterns in Firewall Logs Using Apriori Algorithm with WEKA. In: Santosh, K., Hegadi, R. (eds) Recent Trends in Image Processing and Pattern Recognition. RTIP2R 2018. Communications in Computer and Information Science, vol 1037. Springer, Singapore. https://doi.org/10.1007/978-981-13-9187-3_50


  • DOI: https://doi.org/10.1007/978-981-13-9187-3_50

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-13-9186-6

  • Online ISBN: 978-981-13-9187-3

  • eBook Packages: Computer Science (R0)
