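Author affiliations: Kutahya Dumlupinar Univ, Software Dept, Kutahya, Turkiye; Trakya Univ, Dept Comp Programming, Edirne, Turkiye
Publication: JOURNAL OF WEB ENGINEERING (J. Web Eng.)
Year/Volume/Issue: 2024, Vol. 23, No. 4
Pages: 561-594
Core indexing:
Subject classification: 08 [Engineering]; 0835 [Engineering - Software Engineering]; 0812 [Engineering - Computer Science and Technology (engineering or science degrees may be conferred)]
Subject: Firewalls; log files; classification; performance metrics; the Simple Cart algorithm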
Abstract: Classifying firewall log files allows analysing potential threats and deciding on appropriate rules to prevent them. Therefore, in this study, firewall log files are classified using different classification algorithms and the performance of the algorithms is evaluated using performance metrics. The dataset was prepared using the log files of a firewall. It was filtered to make it free from any personal data and consisted of 12 attributes in total and from these attributes the action attribute was selected as the class. In the performance evaluation, Simple Cart and NB tree algorithms made the best predictions, achieving an accuracy rate of 99.84%. Decision Stump had the worst prediction performance, achieving an accuracy rate of 79.68%. As the total number of instances belonging to each of the classes in the dataset was not equal, the Matthews correlation coefficient was also used as a performance metric in the evaluations. The Simple Cart, BF tree, FT tree, J48 and NB Tree algorithms achieved the highest average values. However, although the reset-both class was not predicted successfully by the others, the Simple Cart algorithm made the best predictions for it. The values of other performance metrics used in this study also support this conclusion. Therefore, the Simple Cart algorithm is recommended for use in classifying firewall log files. However, there is a need to develop a prefiltering and parsing approach to process different log files as each firewall brand creates and maintains log files in its own ***, in this study, a novel prefiltering and parsing approach has been proposed to process log files with different structures and create structured datasets using them.