TY - GEN
T1 - D-FRI-CiscoFirewall
T2 - 2019 IEEE International Conference on Fuzzy Systems, FUZZ 2019
AU - Naik, Nitin
AU - Shang, Changjing
AU - Shen, Qiang
AU - Jenkins, Paul
N1 - Publisher Copyright: © 2019 IEEE.
PY - 2019/10/11
Y1 - 2019/10/11
N2 - Dynamic fuzzy rule interpolation (D-FRI) enhances the accuracy of sparse rule-based fuzzy reasoning via efficiently exploiting fuzzy rule interpolation to produce dynamic rules. Owing to its adaptive nature in delivering a dynamic rule base, it is particularly useful for those systems which experience frequent changes. Network security is one such area where frequent changes are quite likely due to changing network conditions and traffic. Thus, D-FRI has the potential to offer an optimised and adaptive approach for improving network security. The popular Cisco Adaptive Security Appliance (ASA) Firewall is capable of monitoring and alerting a range of common threats, by baselining the traffic of a network and analysing the statistics of dropped packets. An ASA process yields a large volume of statistical information relating to certain security events. Yet, threat detection is a rudimentary function since additional intelligence is required to automate the extraction of meaningful information for alerting the users. This could be achieved using expensive automated tools offered by a third party, but doing so may unnecessarily expose an organisation to other security threats. This paper takes a different approach, presenting a DFRI-CiscoFirewall in support of automated threat detection for Cisco ASA Firewall. Through utilising threat detection statistics, the approach can customise the detection process according to organisational requirements. It performs the relative analysis of prioritised security events and is able to predict comprehensive security situations while no matching rules are available. In particular, the approach supports the creation of a dynamic rule base, derived from changing network conditions and traffic density. Its efficacy is demonstrated by experimental evaluations.
UR - http://www.scopus.com/inward/record.url?scp=85072867387&partnerID=8YFLogxK
U2 - 10.1109/FUZZ-IEEE.2019.8858999
DO - 10.1109/FUZZ-IEEE.2019.8858999
M3 - Conference contribution
AN - SCOPUS:85072867387
T3 - IEEE International Conference on Fuzzy Systems
BT - 2019 IEEE International Conference on Fuzzy Systems, FUZZ 2019
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 23 June 2019 through 26 June 2019
ER -