Abstract
With the enormous growth of security incidents in computer networks, network security defense has gained significant attention from the information industry and the network community. Firewalls are the first line of defense for protecting computer networks and important information. They function as routers that connect different network segments. Furthermore, they are considered the most important elements in the networks that organizations use to enforce their security policy. The security policies of enterprises and companies are implemented as firewall rules. These rules are sensitive, and any misconfiguration of them will cause anomalies. Mining frequent patterns in the itemsets of a dataset is considered one of the most important aspects of data mining technology. The Apriori algorithm is one of the simplest and most powerful association rule mining (ARM) algorithms and can be used efficiently to mine frequent itemsets in a dataset. In this study, we propose using the Apriori algorithm in WEKA to extract frequent itemsets from firewall logs and determine the best association rules, which reflect the general trends in the dataset.
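An added example, not the authors' code and not WEKA: a small pure-Python Apriori over constructed firewall log records, showing how frequent itemsets and high-confidence association rules fall out of log fields. The field names, sample records and the support/confidence thresholds are assumptions made for illustration.

```python
from itertools import combinations

# Constructed firewall log records (illustrative; not the paper's dataset).
LOGS = [
    {"proto": "tcp", "dport": "443", "action": "allow"},
    {"proto": "tcp", "dport": "443", "action": "allow"},
    {"proto": "tcp", "dport": "443", "action": "allow"},
    {"proto": "tcp", "dport": "23", "action": "deny"},
    {"proto": "tcp", "dport": "23", "action": "deny"},
    {"proto": "udp", "dport": "53", "action": "allow"},
    {"proto": "udp", "dport": "53", "action": "allow"},
    {"proto": "tcp", "dport": "22", "action": "deny"},
]

def to_items(record):
    # Each log line becomes a transaction of "field=value" items.
    return frozenset(f"{k}={v}" for k, v in record.items())

def apriori(transactions, min_support):
    """Return {itemset: support} for every itemset with support >= min_support."""
    n = len(transactions)
    support = lambda s: sum(s <= t for t in transactions) / n
    level = {frozenset([i]) for t in transactions for i in t}
    frequent, k = {}, 1
    while level:
        kept = {s: v for s in level if (v := support(s)) >= min_support}
        frequent.update(kept)
        k += 1
        # Join: union pairs of frequent (k-1)-itemsets into k-item candidates.
        level = {a | b for a in kept for b in kept if len(a | b) == k}
        # Prune: every (k-1)-subset of a candidate must itself be frequent.
        level = {c for c in level
                 if all(frozenset(s) in kept for s in combinations(c, k - 1))}
    return frequent

def rules(frequent, min_confidence):
    """Return (antecedent, consequent, support, confidence) tuples."""
    out = []
    for itemset, sup in frequent.items():
        for r in range(1, len(itemset)):
            for ante in map(frozenset, combinations(itemset, r)):
                conf = sup / frequent[ante]  # subsets of a frequent set are frequent
                if conf >= min_confidence:
                    out.append((ante, itemset - ante, sup, conf))
    return out

TRANSACTIONS = [to_items(r) for r in LOGS]
FREQUENT = apriori(TRANSACTIONS, min_support=0.25)
RULES = rules(FREQUENT, min_confidence=0.9)
```

On this sample, rules such as `dport=23 -> action=deny` reach confidence 1.0, while `proto=tcp -> action=allow` is rejected at 0.5; the single `dport=22` record falls below the support threshold and never enters a rule.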
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
As-Suhbani, H.E., Khamitkar, S.D. (2019). Mining Frequent Patterns in Firewall Logs Using Apriori Algorithm with WEKA. In: Santosh, K., Hegadi, R. (eds) Recent Trends in Image Processing and Pattern Recognition. RTIP2R 2018. Communications in Computer and Information Science, vol 1037. Springer, Singapore. https://doi.org/10.1007/978-981-13-9187-3_50
DOI: https://doi.org/10.1007/978-981-13-9187-3_50
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-9186-6
Online ISBN: 978-981-13-9187-3
eBook Packages: Computer Science, Computer Science (R0)