CRF Based Secured Framework for Filtering Malicious Traffic

Abstract: Network security contains the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access. It involves the authorization of access to data in a network. Filtering capabilities are available in access control lists (ACLs). It is typically stored in Ternary Content Addressable Memory (TCAM), whereas the size and cost of TCAM puts a limit on the number of filters, and this parallel access and reduces the number of lookups per forwarded is not expected to change in the near future. In this paper, we present a secured framework for filtering Malicious Traffic. This filtering framework is designed using CRF, where Conditional models are discriminative probabilistic systems that are used to model the conditional distribution over a set of random variables. Such models have been extensively used in the natural language processing tasks. Conditional models offer a better framework as they do not make any unwarranted assumptions on the observations and can be used to model rich overlapping features among the visible observations. The framework is designed such a way that the CRF are extensively trained by the models and then involved in the purpose of filtering malicious traffic in network. Our proposed method overcomes the problems in existing systems. We prove that our system is better than the existing system in both the terms of accuracy and efficiency

Keywords: Filtering Malicious Traffic, DShield.org, Prefix filtering, Network security, CRF based filtering.