
Automatic Firewall Rule Generator for Network Intrusion Detection System based on Multiple Minimum Support

Affiliations

  • SITE, VIT University, Vellore - 632014, Tamil Nadu, India
  • RMK Engineering College, Gummidipoondi Taluk, Kavaraipettai, Tiruvallur - 601206, Tamil Nadu, India

Abstract


Background: Association rule mining plays a vital role in predicting attacks and generating firewall rules automatically. Data mining techniques discover knowledge by counting frequently occurring items, whereas most real-world datasets are non-uniform and contain both frequently and relatively rarely occurring items. This paper discusses how to generate firewall rules automatically to detect anomalies using multiple minimum support.

Methods: Mining association rules with a single minimum support suffers from the dilemma known as the 'rare item problem'; it requires multiple scans of the database, which increases the load and is time consuming. To avoid this problem, a Multiple Minimum Support with Probability based approach (MMSP) is used to generate rules.

Findings: To create a model of current user behavior from the dataset, the probability is computed with a threshold value and an alarm is raised accordingly. By using MMSP, the number of false alarms is reduced during intrusion detection and firewall rules are generated automatically.

Keywords

Apriori, Firewall, Intrusion Detection, Minimum Support, Probability Approach, Rare Association Mining.
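
The rare item problem named in the abstract, shown on a small scale as an added example (not code from the paper): a single minimum support either misses a rare connection pattern or, when lowered, also admits incidental combinations of common items, while per-item minimum supports keep the first and drop the second. The per-item threshold MIS(i) = max(beta * support(i), least_support) follows the multiple minimum support formulation of Liu, Hsu and Ma; the records, `beta` and `least_support` values are constructed assumptions, and the probability step of MMSP and the firewall rule output are not described on this page and are not reproduced.

```python
from itertools import combinations

# Constructed sample, not data from the paper: each transaction is the set of
# attribute=value items observed in one connection record.
TRANSACTIONS = (
    [{"proto=tcp", "svc=http", "flag=SF"}] * 10
    + [{"proto=udp", "svc=dns", "flag=SF"}] * 6
    + [{"proto=tcp", "svc=dns", "flag=SF"}] * 2      # incidental overlap
    + [{"proto=tcp", "svc=telnet", "flag=REJ"}] * 2  # rare pattern of interest
)

def support(itemset, transactions):
    """Fraction of transactions that contain every item of `itemset`."""
    return sum(1 for t in transactions if itemset <= t) / len(transactions)

def item_mis(transactions, beta, least_support):
    """Per-item minimum support: MIS(i) = max(beta * support(i), least_support)."""
    items = set().union(*transactions)
    return {i: max(beta * support({i}, transactions), least_support) for i in items}

def mine(transactions, mis, max_len=3):
    """Itemsets whose support reaches the lowest MIS among their own items.

    Brute-force enumeration: fine for a handful of items. A level-wise miner
    must order items by MIS, because downward closure no longer holds.
    """
    found = {}
    for k in range(1, max_len + 1):
        for combo in combinations(sorted(mis), k):
            s = support(set(combo), transactions)
            if s > 0 and s >= min(mis[i] for i in combo):
                found[frozenset(combo)] = s
    return found

def mine_single(transactions, minsup, max_len=3):
    """Classic single-threshold mining: every item gets the same minimum support."""
    items = set().union(*transactions)
    return mine(transactions, {i: minsup for i in items}, max_len)

RARE = frozenset({"proto=tcp", "svc=telnet", "flag=REJ"})
INCIDENTAL = frozenset({"proto=tcp", "svc=dns"})

if __name__ == "__main__":
    high = mine_single(TRANSACTIONS, 0.25)   # misses RARE: the rare item problem
    low = mine_single(TRANSACTIONS, 0.05)    # finds RARE, but also INCIDENTAL
    multi = mine(TRANSACTIONS, item_mis(TRANSACTIONS, beta=0.5, least_support=0.05))
    for name, result in (("single 0.25", high), ("single 0.05", low), ("per-item MIS", multi)):
        print(f"{name:13} itemsets={len(result):2} rare={RARE in result} incidental={INCIDENTAL in result}")
```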





Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.