Resources
1.
"Python Machine Learning: Machine Learning and Deep Learning
with Python, scikit-learn, and TensorFlow" by Sebastian Raschka
and Vahid Mirjalili. This book provides an introduction to machine
learning using Python and covers topics such as classification,
regression, clustering, and deep learning.
2.
"Hands-On Machine Learning with Scikit-Learn, Keras, and
TensorFlow: Concepts, Tools, and Techniques to Build Intelligent
Systems" by Aurélien Géron. This book covers machine learning
techniques with a focus on using the scikit-learn, Keras, and
TensorFlow libraries in Python.
3.
"Data Science from Scratch: First Principles with Python" by Joel
Grus. This book provides an introduction to data science concepts
and techniques, including machine learning, using Python.
4.
"Deep Learning with Python" by François Chollet. This book
provides an introduction to deep learning using the Keras library in
Python and covers topics such as convolutional neural networks,
recurrent neural networks, and generative models.
5.
"Introduction to Machine Learning with Python: A Guide for Data
Scientists" by Andreas Müller and Sarah Guido. This book covers
machine learning techniques using Python and includes topics such
as supervised and unsupervised learning, model evaluation, and
feature selection.
Искусственный интеллект, методы и технологии информационной безопасности
Международная научно-техническая конференция «Практическое применение технических и
цифровых технологий и их инновационных решений», ТАТУФФ, Фергана, 4 мая 2023 г.
470
ACLS PROVIDE SECURITY FOR A NETWORK.
M.K.Khusanova
Assistant at the Department of Information Security, Fergana branch of the
Tashkent University of Information Technologies named after Muhammad al-
Khwarizmi.
An ACL is a series of IOS commands that control whether a router
forwards or drops packets based on information found in the packet header.
ACLs are among the most commonly used features of Cisco IOS software.
When configured, ACLs perform the following tasks:
Limit network traffic to increase network performance. For
example, if corporate policy does not allow video traffic on the
network, ACLs that block video traffic could be configured and
applied. This would greatly reduce the network load and increase
network performance.
Provide traffic flow control. ACLs can restrict the delivery of
routing updates to ensure that the updates are from a known source.
Provide a basic level of security for network access. ACLs can
allow one host to access a part of the network and prevent another
host from accessing the same area. For example, access to the
Human Resources network can be restricted to authorized users.
Filter traffic based on traffic type. For example, an ACL can permit
email traffic, but block all Telnet traffic.
Screen hosts to permit or deny access to network services. ACLs
can permit or deny a user to access file types, such as FTP or
HTTP.
By default, a router does not have ACLs configured; therefore, by default
a router does not filter traffic. Traffic that enters the router is routed solely based
on information within the routing table. However, when an ACL is applied to an
interface, the router performs the additional task of evaluating all network
Sun’iy intelekt, axborot xavfsizligi texnikasi va texnologiyalari
Международная научно-техническая конференция «Практическое применение технических и
цифровых технологий и их инновационных решений», ТАТУФФ, Фергана, 4 мая 2023 г.
471
packets as they pass through the interface to determine if the packet can be
forwarded.
In addition to either permitting or denying traffic, ACLs can be used for
selecting types of traffic to be analyzed, forwarded, or processed in other ways.
For example, ACLs can be used to classify traffic to enable priority processing.
This capability is similar to having a VIP pass at a concert or sporting event. The
VIP pass gives selected guests privileges not offered to general admission ticket
holders, such as priority entry or being able to enter a restricted area.
An ACL is a sequential list of permit or deny statements, known as access
control entries (ACEs). ACEs are also commonly called ACL statements. When
network traffic passes through an interface configured with an ACL, the router
compares the information within the packet against each ACE, in sequential
order, to determine if the packet matches one of the ACEs. This process is called
packet filtering.
Packet filtering controls access to a network by analyzing the incoming
and outgoing packets and forwarding them or discarding them based on given
criteria. Packet filtering can occur at Layer 3 or Layer 4, as shown in the figure.
Standard ACLs only filter at Layer 3. Extended ACLs filter at Layer 3 and
Layer 4.
The source IPv4 address is the filtering criteria set in each ACE of a
standard IPv4 ACL. A router configured with a standard IPv4 ACL extracts the
source IPv4 address from the packet header. The router starts at the top of the
ACL and compares the address to each ACE sequentially. When a match is
made, the router carries out the instruction, either permitting or denying the
packet. After a match is made, the remaining ACEs in the ACL, if any, are not
analyzed. If the source IPv4 address does not match any ACEs in the ACL, the
packet is discarded.
The last statement of an ACL is always an implicit deny. This statement is
automatically inserted at the end of each ACL even though it is not physically
Искусственный интеллект, методы и технологии информационной безопасности
Международная научно-техническая конференция «Практическое применение технических и
цифровых технологий и их инновационных решений», ТАТУФФ, Фергана, 4 мая 2023 г.
472
present. The implicit deny blocks all traffic. Because of this implicit deny, an
ACL that does not have at least one permit statement will block all traffic.
ACLs define the set of rules that give added control for packets that enter
inbound interfaces, packets that relay through the router, and packets that exit
outbound interfaces of the router. ACLs do not act on packets that originate
from the router itself.
ACLs can be configured to apply to inbound traffic and outbound traffic.
|
