{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,4]],"date-time":"2026-01-04T02:36:36Z","timestamp":1767494196975,"version":"3.37.3"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2017,5,17]],"date-time":"2017-05-17T00:00:00Z","timestamp":1494979200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Wireless Pers Commun"],"published-print":{"date-parts":[[2017,9]]},"DOI":"10.1007\/s11277-017-4330-0","type":"journal-article","created":{"date-parts":[[2017,5,17]],"date-time":"2017-05-17T05:29:15Z","timestamp":1494998955000},"page":"2891-2909","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":28,"title":["The Analysis of Firewall Policy Through Machine Learning and Data Mining"],"prefix":"10.1007","volume":"96","author":[{"given":"Erdem","family":"Ucar","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3971-2676","authenticated-orcid":false,"given":"Erkan","family":"Ozhan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,5,17]]},"reference":[{"key":"4330_CR1","doi-asserted-by":"publisher","unstructured":"Al-Shaer, E. (2004). Managing firewall and network-edge security policies. In 2004 IEEE\/IFIP Network Operations and Management Symposium (Vol. 1, p. 926). Seoul: IEEE. doi:\n 10.1109\/NOMS.2004.1317810\n \n .","DOI":"10.1109\/NOMS.2004.1317810"},{"issue":"10","key":"4330_CR2","doi-asserted-by":"publisher","first-page":"2069","DOI":"10.1109\/JSAC.2005.854119","volume":"23","author":"E Al-Shaer","year":"2005","unstructured":"Al-Shaer, E., Hamed, H., Boutaba, R., & Hasan, M. (2005). Conflict classification and analysis of distributed firewall policies. IEEE Journal on Selected Areas in Communications, 23(10), 2069\u20132084. doi:\n 10.1109\/JSAC.2005.854119\n \n .","journal-title":"IEEE Journal on Selected Areas in Communications"},{"key":"4330_CR3","doi-asserted-by":"publisher","unstructured":"Al-Shaer, E. S., & Hamed, H. H. (2003). Firewall policy advisor for anomaly discovery and rule editing. In G. Goldszmidt & J. Schnwlder (Eds.), Integrated network management VIII: Managing it all (p. 1730). Boston, MA: Springer. doi:\n 10.1007\/978-0-387-35674-7\n \n .","DOI":"10.1007\/978-0-387-35674-7"},{"key":"4330_CR4","volume-title":"Introduction to machine learning","author":"E Alpayd\u0131n","year":"2010","unstructured":"Alpayd\u0131n, E. (2010). Introduction to machine learning (2nd ed.). Cambridge, MA, London: MIT Press.","edition":"2"},{"key":"4330_CR5","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-015-3128-1","author":"J Breier","year":"2015","unstructured":"Breier, J., & Brani\u0161ov\u00e1, J. (2015). A dynamic rule creation based anomaly detection method for identifying security breaches in log records. Wireless Personal Communications,. doi:\n 10.1007\/s11277-015-3128-1\n \n .","journal-title":"Wireless Personal Communications"},{"key":"4330_CR6","unstructured":"Caruso, C., Malerba, D., & Papagni, D. (2005). Learning the daily model of network traffic. In Foundations of Intelligent Systems(pp. 131\u2013141). Saratoga Springs, NY. \n http:\/\/link.springer.com\/chapter\/10.1007\/11425274_14\n \n ."},{"key":"4330_CR7","doi-asserted-by":"publisher","unstructured":"Chen, N., Shou, G., Hu, Y., & Guo, Z. (2009). An experimental research of traffic identification algorithms in broadband network. In 2009 International Symposium on Computer Network and Multimedia Technology(pp. 1\u20134). Wuhan: IEEE. doi:\n 10.1109\/CNMT.2009.5374758\n \n .","DOI":"10.1109\/CNMT.2009.5374758"},{"issue":"14","key":"4330_CR8","doi-asserted-by":"publisher","first-page":"2109","DOI":"10.1002\/sim.1180","volume":"21","author":"H Chmura Kraemer","year":"2002","unstructured":"Chmura Kraemer, H., Periyakoil, V. S., & Noda, A. (2002). Kappa coefficients in medical research. Statistics in Medicine, 21(14), 2109\u20132129. doi:\n 10.1002\/sim.1180\n \n .","journal-title":"Statistics in Medicine"},{"key":"4330_CR9","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1177\/001316446002000104","volume":"20","author":"J Cohen","year":"1960","unstructured":"Cohen, J. (1960). A coefficient of agreement for nominal scales. Educational and Psychological Measurement, 20, 37\u201346. doi:\n 10.1177\/001316446002000104\n \n .","journal-title":"Educational and Psychological Measurement"},{"issue":"1","key":"4330_CR10","doi-asserted-by":"publisher","first-page":"2127","DOI":"10.1109\/TIT.1967.1053964","volume":"13","author":"T Cover","year":"1967","unstructured":"Cover, T., & Hart, P. (1967). Nearest neighbour pattern classification. IEEE Transactions on Information Theory, 13(1), 2127. doi:\n 10.1109\/TIT.1967.1053964\n \n .","journal-title":"IEEE Transactions on Information Theory"},{"key":"4330_CR11","doi-asserted-by":"publisher","unstructured":"Eisenstein, J., & Davis, R. (2004). Visual and linguistic information in gesture classification. In Proceedings of the 6th International Conference on Multimodal Interfaces\u2014ICMI04, (p. 113). New York, NY: ACM Press. doi:\n 10.1145\/1027933.1027954\n \n .","DOI":"10.1145\/1027933.1027954"},{"key":"4330_CR12","doi-asserted-by":"publisher","unstructured":"Frei, A., & Rennhard, M. (2008). Histogram matrix: Log file visualization for anomaly detection. In ARES 2008\u20143rd International Conference on Availability, Security, and Reliability, Proceedings (pp. 610\u2013617). doi:\n 10.1109\/ARES.2008.148\n \n .","DOI":"10.1109\/ARES.2008.148"},{"key":"4330_CR13","doi-asserted-by":"publisher","unstructured":"Golnabi, K., Min, R. K., Khan, L., & Al-Shaer, E. (2006). Analysis of firewall policy rules using data mining techniques. In 10th IEEE\/IFIP Network Operations and Management Symposium NOMS 2006 (Vol. 5, pp. 305\u2013315). IEEE. doi:\n 10.1109\/NOMS.2006.1687561\n \n .","DOI":"10.1109\/NOMS.2006.1687561"},{"issue":"4","key":"4330_CR14","doi-asserted-by":"publisher","first-page":"1106","DOI":"10.1016\/j.comnet.2006.06.015","volume":"51","author":"MG Gouda","year":"2007","unstructured":"Gouda, M. G., & Liu, A. X. (2007). Structured firewall design. Computer Networks, 51(4), 1106\u20131120. doi:\n 10.1016\/j.comnet.2006.06.015\n \n .","journal-title":"Computer Networks"},{"key":"4330_CR15","unstructured":"Han, J., & Kamber, M. (2006). Data mining concepts and techniques. In J. Gray (Ed.), Data mining: Concepts and techniques (2nd ed.). San Francisco, CA: Morgan Kaufmann Publishers."},{"issue":"1","key":"4330_CR16","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1023\/A:1022631118932","volume":"11","author":"RC Holte","year":"1993","unstructured":"Holte, R. C. (1993). Very simple classification rules perform well on most commonly used datasets. Machine Learning, 11(1), 63\u201391.","journal-title":"Machine Learning"},{"issue":"3","key":"4330_CR17","doi-asserted-by":"publisher","first-page":"318","DOI":"10.1109\/TDSC.2012.20","volume":"9","author":"H Hu","year":"2012","unstructured":"Hu, H., Ahn, G. J., & Kulkarni, K. (2012). Detecting and resolving firewall policy anomalies. IEEE Transactions on Dependable and Secure Computing, 9(3), 318\u2013331. doi:\n 10.1109\/TDSC.2012.20\n \n .","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"issue":"13","key":"4330_CR18","doi-asserted-by":"publisher","first-page":"1107","DOI":"10.1016\/S0140-3664(98)00173-X","volume":"21","author":"R Hunt","year":"1998","unstructured":"Hunt, R. (1998). Internet\/intranet firewall security-policy, architecture and transaction services. Computer Communications, 21(13), 1107\u20131123. doi:\n 10.1016\/S0140-3664(98)00173-X\n \n .","journal-title":"Computer Communications"},{"key":"4330_CR19","doi-asserted-by":"publisher","unstructured":"Kerdegari, H., Samsudin, K., Ramli, A. R., & Mokaram, S. (2012). Evaluation of fall detection classification approaches. In 2012 4th International Conference on Intelligent and Advanced Systems (ICIAS2012) (Vol. 1, pp. 131\u2013136). Kuala Lumpur: IEEE. doi:\n 10.1109\/ICIAS.2012.6306174\n \n .","DOI":"10.1109\/ICIAS.2012.6306174"},{"key":"4330_CR20","doi-asserted-by":"publisher","unstructured":"Khan, B., Khan, M. K., Mahmud, M., & Alghathbar, K. S. (2010). Security analysis of firewall rule sets in computer networks. In 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies (pp. 51\u201356). Venice: IEEE. doi:\n 10.1109\/SECURWARE.2010.16\n \n .","DOI":"10.1109\/SECURWARE.2010.16"},{"key":"4330_CR21","doi-asserted-by":"publisher","unstructured":"Kowalski, K., & Beheshti, M. (2006). Analysis of log files intersections for security enhancement. In Third International Conference on Information Technology: New Generations (ITNG06) (pp. 452\u2013457). Las Vegas: IEEE. doi:\n 10.1109\/ITNG.2006.32","DOI":"10.1109\/ITNG.2006.32"},{"issue":"2","key":"4330_CR22","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1037\/a0021764","volume":"16","author":"K Lai","year":"2011","unstructured":"Lai, K., & Kelley, K. (2011). Accuracy in parameter estimation for targeted effects in structural equation modeling: Sample size planning for narrow confidence intervals. Psychological Methods, 16(2), 127\u2013148. doi:\n 10.1037\/a0021764\n \n .","journal-title":"Psychological Methods"},{"issue":"4","key":"4330_CR23","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2109211.2109212","volume":"11","author":"AX Liu","year":"2012","unstructured":"Liu, A. X. (2012). Firewall policy change-impact analysis. ACM Transactions on Internet Technology, 11(4), 1\u201324. doi:\n 10.1145\/2109211.2109212\n \n .","journal-title":"ACM Transactions on Internet Technology"},{"key":"4330_CR24","doi-asserted-by":"publisher","first-page":"331","DOI":"10.1016\/j.ins.2013.04.016","volume":"257","author":"A Maratea","year":"2014","unstructured":"Maratea, A., Petrosino, A., & Manzo, M. (2014). Adjusted F-measure and kernel scaling for imbalanced data learning. Information Sciences, 257, 331\u2013341. doi:\n 10.1016\/j.ins.2013.04.016\n \n .","journal-title":"Information Sciences"},{"issue":"2","key":"4330_CR25","first-page":"268","volume":"91","author":"KP Moses","year":"2012","unstructured":"Moses, K. P., & Devadas, M. D. (2012). An approach to reduce root mean square error in toposheets. European Journal of Scientific Researach, 91(2), 268\u2013274.","journal-title":"European Journal of Scientific Researach"},{"key":"4330_CR26","unstructured":"Nilsson, N. J. (1998). Introduction to Machine Learning. Stanford, CA. Retrieved from \n http:\/\/robotics.stanford.edu\/people\/nilsson\/mlbook.html\n \n ."},{"key":"4330_CR27","unstructured":"NIST. (2016). National Vulnerability Database. Technical report, National Institute of Standarts and Information Technology Laboratory, Gaithersburg, MD. \n https:\/\/nvd.nist.gov\/home.cfm\n \n ."},{"key":"4330_CR28","doi-asserted-by":"publisher","unstructured":"Olson, D. L., & Delen, D. (2008). Advanced data mining techniques(1st edn.). Berlin, Heidelberg: Springer. doi:\n 10.1007\/978-3-540-76917-0\n \n .","DOI":"10.1007\/978-3-540-76917-0"},{"key":"4330_CR29","doi-asserted-by":"publisher","first-page":"249","DOI":"10.1016\/j.agrformet.2013.06.005","volume":"180","author":"A Parker","year":"2013","unstructured":"Parker, A., de Cort\u00e1zar-Atauri, I. G., Chuine, I., Barbeau, G., Bois, B., Boursiquot, J. M., et al. (2013). Classification of varieties for their timing of flowering and veraison using a modelling approach: A case study for the grapevine species Vitis vinifera L. Agricultural and Forest Meteorology, 180, 249\u2013264. doi:\n 10.1016\/j.agrformet.2013.06.005\n \n .","journal-title":"Agricultural and Forest Meteorology"},{"issue":"3","key":"4330_CR30","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1016\/j.istr.2005.07.001","volume":"10","author":"T Pietraszek","year":"2005","unstructured":"Pietraszek, T., & Tanner, A. (2005). Data mining and machine learning towards reducing false positives in intrusion detection. Information Security Technical Report, 10(3), 169\u2013183. doi:\n 10.1016\/j.istr.2005.07.001\n \n .","journal-title":"Information Security Technical Report"},{"key":"4330_CR31","doi-asserted-by":"publisher","DOI":"10.1016\/B978-193183690-6\/50046-7","volume-title":"The best damn firewall book period","author":"TW Shinder","year":"2003","unstructured":"Shinder, T. W., Amon, C., Shimonski, R. J., & Shinder, D. L. (2003). The best damn firewall book period. Rockland, MA: Syngress Publishing. doi:\n 10.1016\/B978-193183690-6\/50046-7\n \n ."},{"issue":"1\u20134","key":"4330_CR32","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1016\/j.peva.2004.10.004","volume":"60","author":"MC Smith","year":"2005","unstructured":"Smith, M. C., & Peterson, G. D. (2005). Parallel application performance on shared high performance reconfigurable computing resources. Performance Evaluation, 60(1\u20134), 107\u2013125. doi:\n 10.1016\/j.peva.2004.10.004\n \n .","journal-title":"Performance Evaluation"},{"key":"4330_CR33","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1016\/j.chemolab.2013.08.003","volume":"128","author":"S Smusz","year":"2013","unstructured":"Smusz, S., Kurczab, R., & Bojarski, A. J. (2013). A multidimensional analysis of machine learning methods performance in the classification of bioactive compounds. Chemometrics and Intelligent Laboratory Systems, 128, 89\u2013100. doi:\n 10.1016\/j.chemolab.2013.08.003\n \n .","journal-title":"Chemometrics and Intelligent Laboratory Systems"},{"key":"4330_CR34","unstructured":"Tran, T., Al-Shaer, E. S., & Boutaba, R. (2007). 055 PolicyVis: Firewall security policy visualization and inspection. In Proceedings of the 21st conference on Large Installation System Administration Conference USENIX Association (Vol. 7, pp. 1\u201316). \n http:\/\/usenix.org\/event\/lisa07\/tech\/full_papers\/tran\/tran.pdf\n \n ."},{"key":"4330_CR35","unstructured":"Viera, A. J., & Garrett, J. M. (2005). Understanding inter observer agreement: The kappa statistic. Family Medicine, 37(5), 360\u2013363, \n http:\/\/www.ncbi.nlm.nih.gov\/pubmed\/15883903\n \n ."},{"key":"4330_CR36","doi-asserted-by":"publisher","unstructured":"Winding, R., Wright, T., & Chapple, M. (2006). System anomaly detection: Mining firewall logs. In 2006 Securecomm and Workshops (pp. 1\u20135). Baltimore, MD: IEEE. doi:\n 10.1109\/SECCOMW.2006.359572\n \n .","DOI":"10.1109\/SECCOMW.2006.359572"},{"key":"4330_CR37","volume-title":"Data mining practical machine learning tools and techniques","author":"IH Witten","year":"2005","unstructured":"Witten, I. H., & Frank, E. (2005). Data mining practical machine learning tools and techniques (2nd ed.). San Francisco, CA: Morgan Kaufmann Publishers Inc.","edition":"2"},{"key":"4330_CR38","volume-title":"Data mining practical machine learning tools and techniques","author":"IH Witten","year":"2011","unstructured":"Witten, I. H., Frank, E., & Hall, M. A. (2011). Data mining practical machine learning tools and techniques (3rd ed.). Burlington, MA: Elsevier Inc.","edition":"3"},{"issue":"2","key":"4330_CR39","doi-asserted-by":"publisher","first-page":"218","DOI":"10.1109\/TC.2009.172","volume":"59","author":"M Yoon","year":"2010","unstructured":"Yoon, M., Chen, S., & Zhang, Z. (2010). Minimizing the maximum firewall rule set in a network with multiple firewalls. IEEE Transactions on Computers, 59(2), 218\u2013230. doi:\n 10.1109\/TC.2009.172\n \n .","journal-title":"IEEE Transactions on Computers"}],"container-title":["Wireless Personal Communications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11277-017-4330-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11277-017-4330-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11277-017-4330-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,8,29]],"date-time":"2017-08-29T06:08:28Z","timestamp":1503986908000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11277-017-4330-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,5,17]]},"references-count":39,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2017,9]]}},"alternative-id":["4330"],"URL":"https:\/\/doi.org\/10.1007\/s11277-017-4330-0","relation":{},"ISSN":["0929-6212","1572-834X"],"issn-type":[{"type":"print","value":"0929-6212"},{"type":"electronic","value":"1572-834X"}],"subject":[],"published":{"date-parts":[[2017,5,17]]}}}