Mobile Information Systems / 2017 / Article / Tab 4

Research Article

An Enhancement of Optimized Detection Rule of Security Monitoring and Control for Detection of Cyberthreat in Location-Based Mobile System

Table 4

Optimization of Header Rules: Rule Action, Protocol.

Command format Selection of detection rule standardization

Rule ActionalertGenerate a warning
dropDrop the packet and leave a log

ProtocoltcpTCP protocol support
udpUDP protocol support
icmpICMP protocol support
ipIP protocol support

Command format Excluded detection rules standardized/excluded reasons

Rule ActionlogLoggedIt is an option for packet logging or packet override, which is mainly used for logging after attack detection, but it is for the purpose of notifying the occurrence of an attack
passIgnore packets
activateSend an alert and activate the specified dynamic ruleThis option is used for additional logging after detection of an attack, but it is consistent with the purpose of notifying the occurrence of the attack
dynamicIt is activated by the activate rule and acts like the log option
rejectConnection terminated and loggedAdded after Intrusion rrevention and exclude as action
sdropDiscards packets and leaves no logs

Article of the Year Award: Outstanding research contributions of 2020, as selected by our Chief Editors. Read the winning articles.