Cyber security Reinforcement through Firewall Log Analysis and Machine Learning

Abstract

Firewalls play a crucial role as a primary protective measure in safeguarding network security, effectively mitigating risks posed by external vulnerabilities and internal security breaches. This study presents a new framework that utilizes firewall log data to classify incoming data packets as either permitted or forbidden. The dataset utilized in this research is obtained from Department of CS&IT, MANU University and is subjected to a thorough data pre-processing procedure. This procedure includes several tasks such as managing missing values, encoding categorical variables, standardizing numerical attributes, and guaranteeing data coherence. In order to mitigate the issue of class imbalance within the target variable, we utilize a range of machine learning models and assess their efficacy through the examination of fundamental metrics such as accuracy, precision, recall, and F1-score. The results of our study demonstrate that the AdaBoost model has superior performance compared to other models, achieving a remarkable accuracy rate of 99.00%. This study demonstrates the application of machine learning methods to automatically identify the activities indicated in firewall logs, thereby improving the security of corporate networks. Through the implementation of automation, we facilitate a more dependable and efficient method of detecting and addressing possible risks, thereby strengthening network security measures and protecting valuable corporate information.