運用關聯規則及改變探勘技術於防火牆政策規則優化__臺灣人文及社會科學引文索引資料庫

:::

詳目顯示

第 1 筆 / 總合 1 筆

/1頁

來源文獻資料
摘要
外文摘要
引文資料

題名：	運用關聯規則及改變探勘技術於防火牆政策規則優化
書刊名：	資訊管理學報
作者：	胡雅涵／翁政雄／楊亞澄
作者(外文)：	Hu, Ya-han／Weng, Cheng-hsiung／Yang, Ya-cheng
出版日期：	2016
卷期：	23:3
頁次：	頁277-304
主題關鍵詞：	防火牆政策；防火牆日誌；資料探勘；關聯規則；改變探勘；Firewall policy；Firewall log；Data mining；Association rule；Change mining
原始連結：	連回原系統網址
相關次數：	被引用次數:期刊(0) 博士論文(0) 專書(0) 專書論文(0) 排除自我引用:0 共同引用:8 點閱:43

防火牆設備是企業最普遍的網路防護設施，隨著網路環境的改變，防火牆政策規則須不斷的更新，才能維持防火牆功能的正常運作。如何從防火牆日誌記錄中挖掘出有意義的規則，並且適時依據防火牆日誌記錄的變動篩選出不同樣式的規則，進而調整防火牆政策規則是一項有值得研究的議題。本研究嘗試整合關聯規則探勘（Association rule mining）及改變探勘（Change mining）技術，提出 Change-Based Association Rule Mining（CBARM）方法。首先，從防火牆日誌記錄中挖掘出有意義的規則，進而運用改變探勘技術辨識出新興樣式（Emerging patterns）、新增樣式（Added patterns）及消失樣式（Perished Patterns）等 3 種不同樣式的關聯規則。最後，將具有不同樣式的關聯規則運用於防火牆政策規則的調整，藉以提升防火牆效率。經實驗結果得知：CBARM 方法效能提升（封包比對次數減少）相較於 Apriori 方法約 95.19%至 582.19%。平均而言，效能約提升 212.10%。

以文找文

Purpose－A firewall is the network security system most frequently used by enterprises. Because of changes in the dynamic network environment, firewall policy rules must be constantly updated to maintain efficient firewall operation. Thus, the aim of this study is to optimize firewall policy rules and improve firewall efficiency by using association rules discovered in firewall logs. Design/methodology/approach－This paper proposes change-based association rule mining (CBARM), which integrates association rule mining and change mining techniques, to discover meaningful firewall policy rules in firewall logs. Specifically, CBARM first determines pertinent association rules by using firewall logs from different time periods. Subsequently, the change mining technique is used to identify emerging, added, and perished patterns. Finally, the three types of patterns can be utilized to optimize the firewall policy rules and enhance firewall efficiency. The firewall logs were collected from a technology company in Central Taiwan. The total number of rules matched in the firewall was used as a performance measure. Findings － The experimental results revealed that the proposed CBARM outperformed the Apriori approach, reducing the number of compared network packets with firewall policy rules by approximately 95.19% to 582.19%. On average, the performance of the proposed CBARM was 212.10% more effective than that of the Apriori approach. Research limitations/implications－This study investigated the firewall logs from one company only. Evaluating the logs from other companies is critical for confirming validity. In addition, future studies can integrate other data mining and machine learning techniques to refine the performance of the proposed method. Practical implications－Two practical implications are provided. First, the association rule mining technique is proven to derive useful firewall policy rules in firewall logs. Second, using the change mining technique can facilitate evaluating the generated rules and applying such rules to optimize firewall policy rules. Originality/value－This study is the first to extend association rule mining and change mining techniques to the domain of firewall log analysis, creating a new approach to optimizing firewall policy rules.

以文找文

期刊論文
1.	Kamsu-Foguem, B.、Rigal, F.、Mauget, F.(2013)。Mining association rules for the quality improvement of the production process。Expert Systems with Applications，40(4)，1034-1045。
2.	Chen, M. C.、Chiu, A. L.、Chang, H. H.(2005)。Mining changes in customer behavior in retail marketing。Expert Systems with Applications，28(4)，773-781。
3.	李瑞庭、楊富丞、李偉誠(20120100)。Mining Closed Multi-Dimensional Interval Patterns。資訊管理學報，19(1)，161-184。延伸查詢
4.	翁政雄(20111000)。從購買意願資料中挖掘高度相關性的關聯規則。資訊管理學報，18(4)，119-138。延伸查詢
5.	鄭麗珍、李麗美(20140400)。探勘不平衡資料集中之突顯樣式--以國道事故資料為實證研究。資訊管理學報，21(2)，161-183。延伸查詢
6.	龔旭陽、林美賢、林靖祐、賴威光(20100100)。針對重要稀少性資料之一種有效率關聯式探勘方法設計。資訊管理學報，17(1)，133-155。延伸查詢
7.	Agrawal, R.、Imieliński, T.、Swami, A.(1993)。Mining association rules between sets of items in large databases。ACM SIGMOD Record，22(2)，207-216。
8.	Ahn, K. I.(2012)。Effective product assignment based on association rule mining in retail。Expert Systems with Applications，39(16)，12551-12556。
9.	Al Abdulmohsin, I. M.(2009)。Techniques and algorithms for access control list optimization。Computers & Electrical Engineering，35(4)，556-566。
10.	Böttcher, M.、Spott, M.、Nauck, D.、Kruse, R.(2009)。Mining changing customer segments in dynamic markets。Expert Systems with Applications，36(1)，155-164。
11.	Chang, Ray-i、Chang, Keng-wei(20091200)。C-SWF Incremental Mining Algorithm for Firewall Policy Management。資訊、科技與社會學報，16，45-61。
12.	Dam, H. K.、Ghose, A.(2015)。Mining version histories for change impact analysis in business process model repositories。Computers in Industry，67，72-85。
13.	Feng, W.、Zhang, Q.、Hu, G.、Huang, J. X.(2014)。Mining network data for intrusion detection through combining SVMs with ant colony networks。Future Generation Computer Systems，37，127-140。
14.	Hamed, H.、Al-Shaer, E.(2006)。On autonomic optimization of firewall policy organization。Journal of High Speed Networks，15(3)，209-227。
15.	Hamed, H.、El-Atawy, A.、Al-Shaer, E.(2006)。On dynamic optimization of packet matching in high-speed firewalls。IEEE Journal on Selected Areas in Communications，24(10)，1817-1830。
16.	Hanguang, L.、Yu, N.(2012)。Intrusion detection technology research based on apriori algorithm。Physics Procedia，24，1615-1620。
17.	Hossain, S. M. S.、Rahman, S. M.、Kabir, M. F.(2012)。Network proxy log mining: association rule based security and performance enhancement for proxy server。Computer Science and Engineering，49，9852-9857。
18.	Hu, H.、Ahn, G. J.、Kulkarni, K.(2012)。Detecting and resolving firewall policy anomalies。IEEE Transactions on Dependable and Secure Computing，9(3)，318-331。
19.	Huang, T. C. K.(2012)。Mining the change of customer behavior in fuzzy time-interval sequential patterns。Applied Soft Computing，12(3)，1068-1086。
20.	Huang, Z.、Gan, C.、Lu, X.、Huan, H.(2013)。Mining the changes of medical behaviors for clinical pathways。Studies in Health Technology and Informatics，192，117-121。
21.	Kim, J. K.、Song, H. S.、Kim, H. K.(2005)。Detecting the change of customer behavior based on decision tree analysis。Expert Systems，22(4)，193-205。
22.	Li, C.、Reichert, M.、Wombacher, A.(2011)。Mining business process variants: Challenges, scenarios, algorithms。Data & Knowledge Engineering，70(5)，409-434。
23.	Li, G.、Law, R.、Vu, H. Q.、Rong, J.、Zhao, X. R.(2015)。Identifying emerging hotel preferences using Emerging Pattern Mining technique。Tourism Management，46，311-321。
24.	Li, J.、Wong, L.(2002)。Identifying good diagnostic gene groups from gene expression profiles using the concept of emerging patterns。Bioinformatics，18(5)，725-734。
25.	Mohammad, M. N.、Sulaiman, N.、Muhsin, O. A.(2011)。A novel intrusion detection system by using intelligent data mining in weka environment。Procedia Computer Science，3，1237-1242。
26.	Rao, C. S.、Rama, B. R.、Mani K. N.(2011)。Firewall policy management through sliding window filtering method using data mining techniques。International Journal of Computer Science & Engineering Survey，2(2)，39-55。
27.	Salah, K.、Elbadawi, K.、Boutaba, R.(2012)。Performance modeling and analysis of network firewalls。IEEE Transactions on Network and Service Management，9(1)，12-21。
28.	Sherhod, R.、Gillet, V. J.、Judson, P. N.、Vessey, J. D.(2012)。Automating knowledge discovery for toxicity prediction using jumping emerging pattern mining。Journal of Chemical Information and Modeling，52(11)，3074-3087。
29.	Shie, B. E.、Yu, P. S.、Tseng, V. S.(2013)。Mining interesting user behavior patterns in mobile commerce environments。Applied Intelligence，38(3)，418-435。
30.	Shih, M. J.、Liu, D. R.、Hsu, M. L.(2010)。Discovering competitive intelligence by mining changes in patent trends。Expert Systems with Applications，37(4)，2882-2890。
31.	Sreelaja, N. K.、Pai, G. A.(2010)。Ant Colony Optimization based approach for efficient packet filtering in firewall。Applied Soft Computing，10(4)，1222-1236。
32.	Tsai, C. Y.、Shieh, Y. C.(2009)。A change detection method for sequential patterns。Decision Support Systems，46(2)，501-511。
33.	Wang, G.、Zhao, Y.、Zhao, X.、Wang, B.、Qiao, B.(2010)。Efficiently mining local conserved clusters from gene expression data。Neurocomputing，73，7-9。
34.	黃仁鵬、藍國誠(20070400)。高效率探勘關聯規則之演算法--EFI。資訊管理學報，14(2)，139-167。延伸查詢
35.	Chang, R. I.、Lai, L. B.、Su, W. D.、Wang, J. C.、Kouh, J. S.(2007)。Intrusion detection by backpropagation neural networks with sample-query and attribute-query。International Journal of Computational Intelligence Research，3(1)，6-10。
36.	Song, H. S.、kyeong Kim, J.、Kim, S. H.(2001)。Mining the change of customer behavior in an internet shopping mall。Expert Systems with Applications，21(3)，157-168。

會議論文
1.	Ceci, M.、Appice, A.、Caruso, C.、Malerba. D.(2008)。Discovering emerging patterns for anomaly detection in network connection data。The 17th International Symposium，(會議日期: May 20-23)。Toronto。179-188。
2.	Al-Shaer, E. S.、Hamed, H. H.(2003)。Firewall policy advisor for anomaly discovery and rule editing。IFIP/IEEE Eighth International Symposium on Integrated Network Management，(會議日期: March 24-28)。Colorado Springs, USA。17-30。
3.	Casado, M.、Garfinkel, T.、Akella, A.、Freedman, M. J.、Boneh, D.、McKeown, N.、Shenker, S.(2006)。SANE: a protection architecture for enterprise networks。The 15th USENIX Security Symposium，(會議日期: July 31-Aug 4)。Vancouver, B.C.。137-151。
4.	Al-Shaer, E. S.、Hamed, H. H.(2004)。Discovery of policy anomalies in distributed firewalls。Twenty-third AnnualJoint Conference of the IEEE Computer and Communications Societies，(會議日期: March 7-11)。Hong Kong, China。2605-2616。
5.	Bailey, J.、Manoukian, T.、Ramamohanarao, K.(2003)。A fast algorithm for computing hypergraph transversals and its application in mining emerging patterns。The Third IEEE International Conference on Data Mining，(會議日期: November 19-22)。Melbourne, Florida。485。
6.	Dong, G.、Li, J.(1999)。Efficient mining of emerging patterns: discovering trends and differences。The Fifth ACM Sigkdd International Conference on Knowledge Discovery and Data Mining，(會議日期: 1999/08/15-08/18)。San Diego, California。43-52。
7.	El-Atawy, A.、Samak, T.、Wali, Z.、Al-Shaer, E.(2007)。An automated framework for validating firewall policy enforcement。The Eighth IEEE International Workshop on Policies for Distributed Systems and Networks，(會議日期: June 13-15)。Bologna。151-160。
8.	Ganti, V.、Gehrke, J.、Ramakrishnan, R.(1999)。CACTUS: clustering categorical data using summaries。The fifth ACM SIGKDD international conference on Knowledge discovery and data mining，(會議日期: August 15-18)。San Diego, CA。73-83。
9.	Golnabi, K.、Min, R. K.、Khan, L.、Al-Shaer, E.(2006)。Analysis of firewall policy rules using data mining techniques。The 10th IEEE/IFIP Network Operations and Management Symposium，(會議日期: April 3-7)。Vancouver, Canada。305-315。
10.	Hamed, H.、Al-Shaer, E.(2006)。Dynamic rule-ordering optimization for high-speed firewall filtering。The 2006 ACM Symposium on Information, Computer and Communications Security，(會議日期: March 21-24)。Taipei。332-342。
11.	Jeffrey, A.、Samak, T.(2009)。Model checking firewall policy configurations。The IEEE International Symposium on Policies for Distributed Systems and Networks，(會議日期: July 20-22)。London。60-67。
12.	Katic, T.、Pale, P.(2007)。Optimization of firewall rules。The 29th International Conference on Information Technology Interfaces，(會議日期: June 25-28)。Cavtat/Dubrovnik, Croatia。685-690。
13.	Masud, M. M.、Mustafa, U.、Trabelsi, Z.(2014)。A data driven firewall for faster packet filtering。The International Conference on Communications and Networking，(會議日期: March 19-22)。Hammamet, Tunisia。1-5。
14.	Liu, A. X.、Torng, E.、Meiners, C. R.(2008)。Firewall compressor: an algorithm for minimizing firewall policies。The 27th Conference on Computer Communications，(會議日期: April 13-18)。Phoenix, AZ。691-699。
15.	Lubna, K.、Cyiac, R.、Karun, K.(2013)。Firewall log analysis and dynamic rule re-ordering in firewall policy anomaly management framework。The International Conference on Green Computing, Communication and Conservation of Energy，(會議日期: December 12-14)。Chennai。853-856。
16.	Mustafa, U.、Masud, M. M.、Trabelsi, Z.、Wood, T.、Al Harthi, Z.(2013)。Firewall performance optimization using data mining techniques。The 9th International Wireless Communications and Mobile Computing Conference，(會議日期: July 1-5)。Cagliari, Sardinia。934-940。
17.	Park, J. H.、Lee, H. G.、Park, J. H.(2010)。Real-time diagnosis system using incremental emerging pattern mining。The 5th International Conference on Ubiquitous Information Technologies and Applications，(會議日期: December 16-18)。Sanya, Hainan。1-5。
18.	Saboori, E.、Parsazad, S.、Sanatkhani, Y.(2010)。Automatic firewall rules generator for anomaly detection systems with Apriori algorithm。The 3rd International Conference on Advanced Computer Theory and Engineering，(會議日期: August 20-22)。Chengdu。57-60。
19.	Vaarandi, R.(2013)。Detecting anomalous network traffic in organizational private networks。IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support，(會議日期: February 25-28)。San Diego, CA。285-292。
20.	Winding, R.、Wright, T.、Chapple, M.(2006)。System anomaly detection: mining firewall logs。Securecomm and Workshops，(會議日期: August 29-September 1)。Baltimore, MD。1-5。
21.	Yuan, L.、Chen, H.、Mai, J.、Chuah, C. N.、Su, Z.、Mohapatra, P.(2006)。FIREMAN: a toolkit for firewall modeling and analysis。IEEE Symposium on Security and Privacy，(會議日期: May 21-24)。Oakland, CA。199-213。
22.	Lee, W.、Stolfo, S. J.(1998)。Data mining approaches for intrusion detection。The 7th USENIX Security Symposium，(會議日期: January 26-29)。San Antonio, Texas。79-94。
23.	Wu, R. C.、Chen, R. S.、Chen, C. C.(2005)。Data mining application in customer relationship management of credit card business。The 29th Annual International Computer Software and Applications Conference，(會議日期: July 26-28)。Edinburgh。39-40。
24.	Agrawal, Rakesh、Srikant, Ramakrishnan(1994)。Fast algorithms for mining association rules。The 20th International Conference on Very Large Data Bases，487-499。

圖書
1.	Zwicky, E. D.、Cooper, S.、Chapman, D. B.(2000)。Building internet firewalls。O'Reilly Media, Inc.。

其他
1.	CSI(2011)。Computer Crime and Security Survey 2011，http://www.ncxgroup.com/wp-content/uploads/2012/02/CSIsurvey2010.pdf， 2013/12/07。
2.	US-GAO(2013)。CYBERSECURITY: National strategy, roles, and responsibilities need to be better defined and more effectively implemented，http://www.gao.gov/assets/660/652170.pdf， 2013/12/07。

推文
推薦
引用網址
引用嵌入語法
轉寄

top

:::

相關期刊
相關論文
相關專書
相關著作
熱門點閱

1.	教師在職進修研習課程大數據關聯規則研究初探：以2017年全國國中語文領域國文科教師為例
2.	探討醫院異常事件通報病患發生跌倒事件之分析--以中部某區域教學醫院為例
3.	探討環境教育論文的文件自動分類技術--以2013~2018年環境教育研討會摘要為例
4.	資料探勘演算法於軍人貪污量刑之預測及比較
5.	利用Apriori演算法探討失智症患者於照護者壓力之影響：以中部醫學中心為例
6.	GSPT：使用前序表的高效關聯規則演算法
7.	應用FP-Tree探勘多層次特徵規則
8.	探勘不平衡資料集中之突顯樣式--以國道事故資料為實證研究
9.	以資料探勘技術建立宅配業之車輛維修及預警決策支援系統
10.	Mining Closed Multi-Dimensional Interval Patterns
11.	從購買意願資料中挖掘高度相關性的關聯規則
12.	運用關聯規則和序列型樣探討投資地區之關聯性與遷移--以印刷電路板產業為例
13.	針對重要稀少性資料之一種有效率關聯式探勘方法設計
14.	疾病診斷異常之偵測：關聯規則之應用
15.	C-SWF Incremental Mining Algorithm for Firewall Policy Management

1.	以資料探勘分析影響國民中小學學習成就因素之研究
2.	從不精準或不確定性資料中挖掘關聯規則
3.	有效率的跨交易關聯規則探勘演算法

無相關書籍

無相關著作

1.	建構彩色濾光膜及微透鏡缺陷樣型分析之資料挖礦架構
2.	從公司與顧客的認知價值初探企業潛在無形資產：以自然語言處理的方法為應用
3.	影響網路強迫性購買傾向之因素研究關係網絡知識系統
4.	往復式高壓／真空成型機創新研發設計之研究
5.	移動虛擬社區用戶持續信息搜尋意願研究
6.	基於短語句法結構和依存句法分析的情感評價單元抽取
7.	責任倫理--民主社會的真實基礎
8.	臺灣社區通網站平臺使用頻率影響因素之研究：科技接受模型的觀點
9.	高職教師專業成長需求與研習參與態度之關係：以高屏地區教師為例
10.	虛擬代言人對廣告效果之影響：以產品類別、自我參照為干擾變數
11.	基於詞性組合規則結合維基百科進行中文命名實體辨識與消歧義
12.	一起來團購！團購意願前置因素之研究
13.	應用PPM理論探討高級進口車顧客之轉換意圖
14.	Factors for User Intention to Switch Browsers: A Cross-National Survey
15.	探討幼兒使用擴增實境學習形狀及顏色之科技接受模式及學習成效

QR Code

臺灣人文及社會科學引文索引資料庫系統

詳目顯示

臺灣人文及社會科學引文索引資料庫