Enhancing security using mobility-based anomaly detection in cellular mobile networks

Simple item page
dc.contributor.authorSun, Bo
dc.contributor.authorYu, Fei
dc.contributor.authorWu, Kui
dc.contributor.authorXiao, Yang
dc.contributor.authorLeung, Victor C.M.
dc.date.accessioned2010-04-07T22:54:45Z
dc.date.available2010-04-07T22:54:45Z
dc.date.copyright2006en
dc.date.issued2006-07
dc.description©2006 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.en
dc.description.abstractLocation information is an important feature in users' profiles in cellular mobile networks. In this paper, by exploiting the location history traversed by a mobile user, two domain-independent online anomaly detection schemes are designed, namely the Lempel-Ziv (LZ)-based and Markov-based detection schemes. The authors focus on the identification of a group of especially harmful internal attackers-masqueraders. For both schemes, cell IDs traversed by each mobile user are extracted as the feature value. Specifically, the mobility pattern of each user is characterized by a high-order Markov model. The LZ-based detection scheme from the well-developed data compression techniques is derived. Moreover, the technique of exponentially weighted moving average is used to modify a user's normal profile dynamically. The user profile can characterize the normal behavior of each user accurately and is sensitive to abnormal changes. For the Markov-based detection scheme, a fixed-order Markov model is used to characterize the normal behavior. Based on the constructed probability transition matrix, the probability of the user's current activity is calculated. A threshold policy is then used in both schemes to determine whether a mobile device is potentially compromised or not. Simulation results are presented to show the effectiveness of the proposed schemes. Moreover, our results show that the LZ-based detection scheme performs better than the Markov-based detection scheme, especially for low-speed mobile usersen
dc.identifier.citationBo Sun; Fei Yu; Kui Wu; Yang Xiao; Leung, V.C.M.; , "Enhancing security using mobility-based anomaly detection in cellular mobile networks," Vehicular Technology, IEEE Transactions on , vol.55, no.4, pp.1385-1396, July 2006en
dc.identifier.issn0018-9545
dc.identifier.urihttp://hdl.handle.net/1828/2505
dc.language.isoenen
dc.publisherIEEEen
dc.subject.departmentDepartment of Computer Science
dc.titleEnhancing security using mobility-based anomaly detection in cellular mobile networksen
dc.typeArticleen

Files

Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
Enhancing security using mobility-based anomaly detection in cellular mobile networks.pdf
Size:
333.19 KB
Format:
Adobe Portable Document Format
Download
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.83 KB
Format:
Item-specific license agreed upon to submission
Description:
Download

Collections

Faculty and Staff Publications
 
University of Victoria Libraries

We acknowledge and respect the Lək̓ʷəŋən (Songhees and Esquimalt) Peoples on whose territory the university stands, and the Lək̓ʷəŋən and W̱SÁNEĆ Peoples whose historical relationships with the land continue to this day.