:::

Title: C-SWF Incremental Mining Algorithm for Firewall Policy Management
Journal: 資訊、科技與社會學報
Authors: Chang, Ray-i; Chang, Keng-wei
Publication date: 2009
Volume/Issue: 16
Pages: 45-61
Keywords: Computer security; Firewall; Policy management; Data mining; Association rule
As the number of security incidents has grown sharply, the issue of security defense has drawn more and more attention from the network community in the past years. The firewall is known as one of the most popular security-defense mechanisms for corporations. It is the first line of defense in a corporation's security infrastructure against external intrusions and threats. A firewall filters packets according to its policy rules to prevent suspicious intruders from executing illegal actions and damaging the internal network. Well-designed policy rules can increase the effectiveness of security defense against security risks. In this paper, we apply association rule mining to analyze network logs and detect anomalous behaviors, such as connections that appear frequently within a short period with the same source IP and port. From these anomalous behaviors, we can infer useful, up-to-date and efficient firewall policy rules. Compared with the method proposed in [18], we use incremental mining to handle the continually changing traffic log data. The proposed method can greatly improve execution performance in data analysis. Experimental results show that the execution efficiency of our method is better than that of traditional methods when dealing with large log files.
Journal articles
1. Agarwal, R. C.; Aggarwal, C. C.; Prasad, V. V. V. (2001). A tree projection algorithm for generation of frequent item sets. Journal of Parallel and Distributed Computing, 61(3), 350-371.
2. Han, J.; Pei, J.; Yin, Y.; Mao, R. (2004). Mining frequent patterns without candidate generation: a frequent pattern tree approach. Data Mining and Knowledge Discovery, 8(1), 53-87.
3. Park, Jong-Soo; Chen, Ming-Syan; Yu, Philips S. (1997). Using a hash-based method with transaction trimming for mining association rules. IEEE Transactions on Knowledge and Data Engineering, 9(5), 813-825.
4. Chang, R. I.; Lai, L. B.; Su, W. D.; Wang, J. C.; Kouh, J. S. (2007). Intrusion detection by backpropagation neural networks with sample-query and attribute-query. International Journal of Computational Intelligence Research, 3(1), 6-10.
5. Wool, A. (2004). A Quantitative Study of Firewall Configuration Errors. IEEE Computer, 37(6), 62-67.
6. Barbara, A.; Couto, J.; Jajodia, A.; Wu, N. (2001). ADAM: A Test-bed for Exploring the Use of Data Mining in Intrusion Detection. IEEE SMC Information Assurance Workshop, SIGMOD Record, 30(4), 15-24.
7. Cheung, W.; Ng, V. T.; Fu, A. W.; Fu, Y. (1996). Efficient Mining of Association Rules in Distributed Databases. IEEE Transactions on Knowledge and Data Engineering, 8(6), 911-922.
8. Al-Shaer, E.; Hamed, H. (2004). Discovery of Policy Anomalies in Distributed Firewalls. IEEE INFOCOM 04, 23(1), 2605-2616.
9. Ukkonen, E. (1992). Constructing Suffix-trees Online in Linear Time. Algorithms, Software, Architecture: Information Processing 92, 1, 484-492.
10. Zaki, M. J. (1999). Parallel and Distributed Association Mining: A Survey. IEEE Concurrency, 7(4), 14-25.
11. Ashrafi, M. Z.; Taniar, D.; Smith, K. (2004). ODAM: An Optimized Distributed Association Rule Mining Algorithm. IEEE Distributed Systems, 5(3), 14-25.
Conference papers
1. Agrawal, R.; Imielinski, T.; Swami, A. N. (1993). Mining Association Rules between Sets of Items in Large Databases. The 1993 ACM SIGMOD International Conference on Management of Data, 207-216.
2. Cheung, D. W.; Ng, V.; Han, J.; Wong, C. Y. (1996). Maintenance of Discovered Association Rules in Large Databases: An Incremental Updating Technique. The 12th International Conference on Data Engineering, 106-114.
3. Cheung, D. W.; Lee, S. D.; Kao, Benjamin (1997). A General Incremental Technique for Maintaining Discovered Association Rules. The 5th International Conference on Database Systems for Advanced Applications. Melbourne. 185-194.
4. Brin, S.; Motwani, R.; Ullman, J. D.; Tsur, S. (1997). Dynamic Itemset Counting and Implication Rules for Market Basket Data. The 1997 ACM SIGMOD international conference on Management of data, 255-264.
5. Agrawal, R.; Srikant, R. (1994). Fast algorithms for mining association rules in large database. The 20th International Conference on Very Large Data Bases. Morgan Kaufmann Publishers Inc. 478-499.
6. Savasere, A.; Omiecinski, E.; Navathe, S. (1995). An Efficient Algorithm for Mining Association Rules in Large Databases, 432-444.
7. Lee, H.; Lin, C. R.; Chen, M. S. (2001). Sliding-Window Filtering: An Efficient Algorithm for Incremental Mining, 263-270.
8. Al-Shaer, E.; Hamed, H. (2003). Firewall Policy Advisor for Anomaly Detection and Rule Editing, 17-30.
9. Fulp, E. W. (2005). Optimization of Network Firewalls Policies using Directed Acyclic Graphs, 66-82.
10. Golnabi, K.; Min, R.; Khan, L.; Al-Shaer, E. (2006). Analysis of Firewall Policy Rules using Data Mining Techniques, 305-315.
11. Hatonen, K.; Boulicaut, J. F.; Klemettinen, M.; Miettinen, M.; Masson, C. (2003). Comprehensive Log Compression with Frequent Patterns. Springer-Verlag LNCS 2737, 360-370.
12. Verma, P.; Prakash, A. (2005). FACE: A Firewall Analysis and Configuration Engine, 74-81.
13. Acharya, S.; Wang, J.; Ge, Z.; Znati, T.; Greenberg, A. (2006). Simulation Study of Firewalls to Aid Improved Performance, 18-26.
14. Acharya, S.; Wang, J.; Ge, Z.; Znati, T.; Greenberg, A. (2006). Traffic Aware Firewall Optimization Strategies, 2225-2230.
15. Lee, W.; Stolfo, S. J. (1998). Data Mining Approaches for Intrusion Detection, 79-94.
Books
1. Berry, Michael J. A.; Linoff, Gordon S. (1997). Data Mining Techniques for Marketing, Sales and Customer Support. John Wiley & Sons, Inc.
2. Barbara, A.; Couto, J.; Jajodia, A.; Wu, N. (2002). ADAM: An architecture for anomaly detection. Applications of Data Mining in Computer Security, ISBN 1-4020-7054-3. Boston.
3. Gonnet, H.; Baeza-Yates, R. A.; Snider, T. (1992). New Indices for Text: PAT Trees and PAT Arrays. Information Retrieval: Data Structures and Algorithms.
4. Bellovin, S. M.; Rubin, A. D.; Cheswick, W. R. (2003). Firewalls and Internet Security, Repelling the Wily Hacker.
Other
1. (2004). Five Mistakes of Security Log Analysis.
2. CERT / COMPUTER EMERGENCY READINESS TEAM. CERT/CC Statistics 1988-2003 – incidents reported.
3. Brown, L. An Approach to Creating your Firewall Security Policy.
4. Gordon, L. A.; Loeb, M. P.; Lucyshyn, W.; Richardson, R. (2005). 2005 CSI/FBI Computer Crime and Security Survey.
 
 
 
 
:::