Data Mining on the Router Logs for Statistical Application Classification
With the advance of information technology in the
new era, use of the Internet to access data resources has
steadily increased, and huge amounts of data have become accessible
in various forms. Network providers and agencies naturally
seek to prevent electronic attacks that may be harmful or may
be related to terrorist applications. This has led the
authorities to undertake a variety of methods to protect special
regions from harmful data. One of the most important approaches is
to use a firewall in the network facilities. The main objective of
a firewall is to stop the transfer of suspicious packets in several
ways. However, because of its blind packet stopping, high processing
power requirements and high price, some providers are
reluctant to use a firewall. In this paper we propose a method to
find a discriminant function that distinguishes usual packets from
harmful ones by statistical processing of the network router logs.
By discriminating these data, an administrator may take appropriate
action against the user. This method is very fast and can be used
simply alongside the Internet routers.
@article{"International Journal of Information, Control and Computer Sciences:57768",
  author = "M. Rahmati and S.M. Mirzababaei",
  title = "Data Mining on the Router Logs for Statistical Application Classification",
  keywords = "Data Mining, Firewall, Optimization, Packet classification, Statistical Pattern Recognition.",
  volume = "1",
  number = "12",
  pages = "3912-4",
}