An activity-based mobility model and location management simulation framework
MSWiM '99 Proceedings of the 2nd ACM international workshop on Modeling, analysis and simulation of wireless and mobile systems
The Hierarchical Hidden Markov Model: Analysis and Applications
Machine Learning
Location management in cellular networks
Handbook of wireless networks and mobile computing
Towards realistic mobility models for mobile ad hoc networks
Proceedings of the 9th annual international conference on Mobile computing and networking
An ad hoc mobility model founded on social network theory
MSWiM '04 Proceedings of the 7th ACM international symposium on Modeling, analysis and simulation of wireless and mobile systems
HHMM-based Chinese lexical analyzer ICTCLAS
SIGHAN '03 Proceedings of the second SIGHAN workshop on Chinese language processing - Volume 17
SMS-Watchdog: Profiling Social Behaviors of SMS Users for Anomaly Detection
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
A novel reputation computation model based on subjective logic for mobile ad hoc networks
Future Generation Computer Systems
Efficient location aware intrusion detection to protect mobile devices
Personal and Ubiquitous Computing
| Hi-index | 0.00 |
Recent years have witnessed widespread use of mobile devices such as cell phones, laptops, and PDAs. In this paper, we propose an architecture called Mobi-Watchdog to detect mobility anomalies of mobile devices in wireless networks that track their locations regularly. Given the past mobility records of a mobile device, Mobi-Watchdog uses clustering techniques to identify the high-level structure of its mobility and then trains a HHMM (hierarchical hidden Markov model). Mobi-Watchdog raises an alert by requesting the device holder to reauthenticate himself when it finds an observed mobility trace significantly deviates from the trained model. The time complexity of the original generalized Baum-Welch algorithm, which is used for HHMM parameter reestimation, scales linearly with T3, where T is the number of locations in an observed sequence. Such a high computational cost can significantly impede deployment of Mobi-Watchdog in large-scale wireless networks in practice. To achieve better scalability, we modify this algorithm to make it scale linearly with T instead. Experimental results with realistic mobility traces demonstrate that Mobi-Watchdog detects mobility anomalies with high probability and reasonably low false alarm rates. We also show that Mobi-Watchdog has very low computational overhead, which makes it a viable candidate for mobility anomaly detection in large wireless networks.