Research Article
An Enhancement of Optimized Detection Rule of Security Monitoring and Control for Detection of Cyberthreat in Location-Based Mobile System
Table 5
Optimization of Header Rules: IP, Port, Direction.
| Command format | Selected for detection rule standardization | Description |
| --- | --- | --- |
| IP | `any` | All IP addresses |
| IP | numeric IP | Specific IP addresses |
| IP | numeric IP list | Multiple IP addresses, up to 10, including CIDR |
| IP | CIDR | The length of a specific network address |
| Port | `any` | All port numbers |
| Port | static port | Fixed port number |
| Port | ranges(;) | Port range destination |
| Direction | `->` | Direction from the origin host to the destination host |
| Direction | `<>` | Origin host and destination host, bidirectional |

| Command format | Excluded from detection rule standardization | Description | Reason for exclusion |
| --- | --- | --- | --- |
| Direction | `<-` | Source host and destination host, reversed | Excluded because it can be made by swapping the source IP and destination IP, and it generates load |