Usama Anwar scite author profile

Rapid increase in internet users also brought new ways of privacy and security exploitation. Intrusion is one of such attacks in which an authorized user can access system resources and is major concern for cyber security community. Although AV and firewall companies work hard to cope with this kind of attacks and generate signatures for such exploits but still, they are lagging behind badly in this race. This research proposes an approach to ease the task of rules generationby making use of machine learning for this purpose. We used 17 network features to train a random forest classifier and this trained classifier is then translated into rules which can easily be integrated with most commonly used firewalls like snort and suricata etc. This work targets five kind of attacks: brute force, denial of service, HTTP DoS, infiltrate from inside and SSH brute force. Separate rules are generated for each kind of attack. As not every generated rule contributes toward detection that's why an evaluation mechanism is also used which selects the best rule on the basis of precision and f-measure values. Generated rules for some attacks have 100% precision with detection rate of more than 99% which represents effectiveness of this approach on traditional firewalls. As our proposed system translates trained classifier model into set of rules for firewalls so it is not only effective for rules generation but also give machine learning characteristics to traditional firewall to some extent.

show abstract

Dynamic binary translation in a type-II hypervisor for Cavium Octeon MIPS64 based systems

Qurrat-ul-ain

Anwar

Usmani

et al. 2015

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Usama Anwar

HTTM - Design and Implementation of a Type-2 Hypervisor for MIPS64 Based Systems

Flow-Based Rules Generation for Intrusion Detection System using Machine Learning Approach

Dynamic binary translation in a type-II hypervisor for Cavium Octeon MIPS64 based systems

Contact Info

Product

Resources

About