Abstract
Firewalls are essential devices that protect communication networks by filtering all incoming (and sometimes outgoing) traffic packets. Filtering is performed by matching traffic packets against predefined rules intended to keep cyber-threats out of the network. Accordingly, the firewall responds to each incoming packet with one of three actions: “allow,” “deny,” or “drop/reset.” An automated, intelligent action-classification process is therefore essential for improved firewall operations. In this paper, we propose an intelligent classification model that can be employed in firewall systems to produce the proper action for every communicated packet by analyzing packet attributes using a shallow neural network (SNN). Specifically, the proposed model employs an SNN with 150 neurons in the hidden layer to train on and classify the Internet Firewall-2019 (IFW-2019) dataset into three classes: “allow,” “deny,” and “drop/reset.” The experimental results demonstrate the superiority of our classification model, which scored an overall accuracy of 98.5% with a cross-entropy loss of 0.022, attained after 381 epochs, for the 3-class classifier. The proposed model was also evaluated using several other metrics, including confusion matrix parameters, positive predictive value, true positive rate, harmonic mean, and false positive/negative rates. Finally, the proposed model outperformed many other recent firewall classification systems in the same area of study.
Keywords
- Artificial intelligence (AI)
- Shallow neural networks (SNN)
- Network security
- Supervised learning
- Firewall device
- Firewall logs
- Classification
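The evaluation metrics listed in the abstract can be derived one-vs-rest from a 3-class confusion matrix. The following is an added example, not code or results from the paper: the counts in `SAMPLE` are constructed, and the function names are hypothetical.

```python
from collections import Counter

ACTIONS = ("allow", "deny", "drop/reset")  # the three classes named in the abstract

# Constructed sample, NOT the paper's results: (true action, predicted action, count)
SAMPLE = [
    ("allow", "allow", 895), ("allow", "deny", 5),
    ("deny", "deny", 66), ("deny", "allow", 2), ("deny", "drop/reset", 2),
    ("drop/reset", "drop/reset", 24), ("drop/reset", "deny", 6),
]

def confusion_matrix(pairs, labels=ACTIONS):
    """Rows are the true action, columns the predicted action."""
    counts = Counter()
    for true, pred, n in pairs:
        counts[(true, pred)] += n
    return [[counts[(t, p)] for p in labels] for t in labels]

def _ratio(num, den):
    # A class with no samples (or never predicted) gives 0/0; report 0.0 instead.
    return num / den if den else 0.0

def accuracy(cm):
    return _ratio(sum(cm[i][i] for i in range(len(cm))), sum(map(sum, cm)))

def per_class_metrics(cm, labels=ACTIONS):
    """One-vs-rest PPV, TPR, F1 (harmonic mean of PPV and TPR), FPR and FNR."""
    total = sum(map(sum, cm))
    out = {}
    for i, label in enumerate(labels):
        tp = cm[i][i]
        fn = sum(cm[i]) - tp                  # true class i, predicted as another
        fp = sum(row[i] for row in cm) - tp   # another class, predicted as i
        tn = total - tp - fn - fp
        ppv, tpr = _ratio(tp, tp + fp), _ratio(tp, tp + fn)
        out[label] = {
            "PPV": ppv, "TPR": tpr,
            "F1": _ratio(2 * ppv * tpr, ppv + tpr),
            "FPR": _ratio(fp, fp + tn),
            "FNR": _ratio(fn, fn + tp),
        }
    return out

if __name__ == "__main__":
    cm = confusion_matrix(SAMPLE)
    print("accuracy:", accuracy(cm))
    for label, m in per_class_metrics(cm).items():
        print(label, {k: round(v, 3) for k, v in m.items()})
```

In this constructed sample the overall accuracy is 0.985 while the true positive rate for the smallest class, drop/reset, is 0.8, a gap that only the per-class rates expose.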
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Al-Haija, Q.A., Ishtaiwi, A. (2022). Multiclass Classification of Firewall Log Files Using Shallow Neural Network for Network Security Applications. In: Ranganathan, G., Fernando, X., Shi, F., El Allioui, Y. (eds) Soft Computing for Security Applications. Advances in Intelligent Systems and Computing, vol 1397. Springer, Singapore. https://doi.org/10.1007/978-981-16-5301-8_3
DOI: https://doi.org/10.1007/978-981-16-5301-8_3
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-5300-1
Online ISBN: 978-981-16-5301-8
eBook Packages: Intelligent Technologies and Robotics (R0)