Optimized Classification of Firewall Log Data using Heterogeneous Ensemble Techniques

2021 
As the volume of network data exchange keeps growing, a smarter, automatic filter for web data packets is a priority. This research study therefore proposes an optimized, machine-learning-based solution for classifying firewall data packets. Packets are filtered using four firewall action labels: accept, drop, reject, and TCP reset. The study uses 65532 instances of log files and builds advanced ensemble models to classify the log data. Heterogeneous voting ensemble and stacking ensemble models were generated from five well-known machine learning classification algorithms, namely K-nearest neighbor, logistic regression, support vector machine, decision tree classifier, and stochastic gradient descent classifier. The stacking ensemble used the random forest algorithm as its meta-classifier. The models were compared on their performance metrics to find the best solution for data packet classification. The heterogeneous stacking ensemble model had a precision of 91% and an accuracy score of 99.8%, outperforming the other models considered for optimized classification of firewall data.
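The voting and stacking ensembles described in the abstract, built with scikit-learn as an added example (not the authors' code). The log records, the four feature names and all hyperparameters are constructed assumptions; the paper's dataset is not used.

```python
import numpy as np
from sklearn.ensemble import RandomForestClassifier, StackingClassifier, VotingClassifier
from sklearn.linear_model import LogisticRegression, SGDClassifier
from sklearn.metrics import accuracy_score, precision_score
from sklearn.model_selection import train_test_split
from sklearn.neighbors import KNeighborsClassifier
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import SVC
from sklearn.tree import DecisionTreeClassifier

ACTIONS = ["accept", "drop", "reject", "tcp-reset"]  # the four labels named in the abstract

def make_logs(n_per_class=150, seed=0):
    """Constructed sample: log10 of [dst_port, bytes, packets, elapsed_s] per action."""
    rng = np.random.default_rng(seed)
    centers = [[2.0, 4.0, 1.5, 1.5], [3.5, 2.0, 0.3, 0.0],
               [2.6, 1.8, 0.0, 0.0], [4.5, 2.5, 0.6, 0.5]]  # hypothetical values
    X = np.vstack([rng.normal(c, 0.2, size=(n_per_class, 4)) for c in centers])
    return X, np.repeat(ACTIONS, n_per_class)

def base_learners():
    """The five heterogeneous base classifiers listed in the abstract."""
    return [("knn", KNeighborsClassifier()),
            ("lr", LogisticRegression(max_iter=1000)),
            ("svm", SVC()),
            ("dt", DecisionTreeClassifier(random_state=0)),
            ("sgd", SGDClassifier(random_state=0))]

def evaluate(seed=0):
    """Fit both ensembles; return {name: (accuracy, macro precision)} on held-out logs."""
    X, y = make_logs(seed=seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    ensembles = {
        "voting": VotingClassifier(base_learners(), voting="hard"),
        # Stacking: a random forest meta-classifier learns from the base outputs.
        "stacking": StackingClassifier(
            base_learners(),
            final_estimator=RandomForestClassifier(n_estimators=100, random_state=0)),
    }
    scores = {}
    for name, ens in ensembles.items():
        # Scale features first: KNN, SVM, LR and SGD are sensitive to feature ranges.
        pred = make_pipeline(StandardScaler(), ens).fit(X_tr, y_tr).predict(X_te)
        scores[name] = (accuracy_score(y_te, pred),
                        precision_score(y_te, pred, average="macro"))
    return scores

if __name__ == "__main__":
    for name, (acc, prec) in evaluate().items():
        print(f"{name}: accuracy={acc:.3f} macro-precision={prec:.3f}")
```

Macro precision averages per-action precision with equal weight, so a rarely seen action counts as much as a common one, whereas accuracy is dominated by the most frequent actions.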