Network Firewall using Artificial Neural Networks

Authors

  • Kristián Valentín Department of Applied Informatics, Faculty of Mathematics, Physics and Informatics, Comenius University, Mlynská dolina, Bratislava
  • Michal Malý Department of Applied Informatics, Faculty of Mathematics, Physics and Informatics, Comenius University, Mlynská dolina, Bratislava

Keywords:

Network firewall, artificial neural networks, computer security

Abstract

Today's most common firewalls are mostly rule-based. Their knowledge consists of a set of rules upon which they process received packets. They cannot do anything they have not been explicitly configured to do. This makes the system more straightforward to set up, but less flexible and less adaptive to changing circumstances. We will investigate a network firewall whose rule-base we will try to model using an artificial neural network, more specifically using a multi-layer perceptron (MLP) trained by the back-propagation algorithm. The training data are acquired from the network and we consider two possible scenarios. In Scenario 1, the user has no firewall available and the policy is deduced from the existing traffic in the network which is considered to be legitimate. In Scenario 2, the learning module is placed behind the existing firewall (or firewalls) in order to learn their behavior. In both cases, all traffic, which is recorded, contains only positive examples; however, a direct training of a MLP from a set of positive examples is impossible. We solved this problem using a synthetic generation of negative examples which led to successful learning.

Downloads

Download data is not yet available.

Downloads

How to Cite

Valentín, K., & Malý, M. (2014). Network Firewall using Artificial Neural Networks. COMPUTING AND INFORMATICS, 32(6), 1312–1327. Retrieved from https://www.cai.sk/ojs/index.php/cai/article/view/2167