[Updated on Apr. 18] Integration of CiNii Articles into CiNii Research

Your Own Traffic Discrimination Method by Machine Learning Using Log of Firewall with Application Identification Function

Bibliographic Information

Other Title
  • アプリケーション識別機能付きファイアウォールのログを対象とした機械学習による自己らしい通信の識別手法

Search this article



Some of the threats of computers and networks cause unusual traffic unlike your own. We believe that a discrimination method to determine whether a certain series of traffic is similar to your own traffic or not is useful. In this paper, we propose such discrimination method by learning one's behavior of the traffic based on the log of the firewall with application identification function. For the learning phase of the proposed method, we create a classifier that receives a communication application sequence generated from the firewall log and outputs a numerical value that represents how much the sequence is like target user's. In the recognition phase, we discriminate the communication application sequence generated by applying the same method as in the learning phase to the firewall log using the classifier. In the experiments of the proposed method, the average value of AUC was 0.76037, which means that the proposed method is considered to achieve an acceptable discrimination ability. Moreover, it took about one hour to generate the classifier by using firewall logs for one month for each individual who is targeted. These results show that the proposed method is effective.


Citations (0)*help

See more


See more

Related Articles

See more

Related Data

See more

Related Books

See more

Related Dissertations

See more

Related Projects

See more

Related Products

See more


Report a problem

Back to top