Research Article
An Enhancement of Optimized Detection Rule of Security Monitoring and Control for Detection of Cyberthreat in Location-Based Mobile System
Table 5
Optimization of Header Rules: IP, Port, Direction.
| | Command format | Selection of detection rule standardization |
| | IP | any | All IP address | | numeric IP | Specific IP addresses | | numeric IP list | Multiple IP address up to 10 including CIDR | | CIDR | The length of a specific network address. |
| | Port | any | all port numbers | | static port | Fixed Port Number | | ranges(;) | Port range destination |
| | Direction | -> | Direction from the origin host to the destination host | | <> | Origin host and destination host bidirectional |
| | Command format | Excluded detection rules standardized/excluded reasons |
| | Direction | <- | Source Host and Destination Host Reverse | It is excluded because it can be made by changing source IP and destination IP and generate load |
|
|
