Elements of information theory
Elements of information theory
A signal analysis of network traffic anomalies
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Estimation of entropy and mutual information
Neural Computation
Information-Theoretic Measures for Anomaly Detection
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Convergence Technologies for 3G Networks: IP, UMTS,EGPRS and ATM
Convergence Technologies for 3G Networks: IP, UMTS,EGPRS and ATM
Structural analysis of network traffic flows
Proceedings of the joint international conference on Measurement and modeling of computer systems
Diagnosing network-wide traffic anomalies
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Aberrant Behavior Detection in Time Series for Network Monitoring
LISA '00 Proceedings of the 14th USENIX conference on System administration
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Linear-complexity models for wireless MAC-to-MAC channels
Wireless Networks
Analysis of traffic flow measurements by rate-interval curves
valuetools '06 Proceedings of the 1st international conference on Performance evaluation methodolgies and tools
Combining filtering and statistical methods for anomaly detection
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Detecting anomalies in network traffic using maximum entropy estimation
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Statistical change detection for multi-dimensional data
Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining
On attack causality in internet-connected cellular networks
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Anomaly detection by finding feature distribution outliers
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
A nonself space approach to network anomaly detection
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Hierarchical Kohonenen net for anomaly detection in network security
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics
Estimating entropy on m bins given fewer than m samples
IEEE Transactions on Information Theory
Statistical analysis of network traffic for adaptive faults detection
IEEE Transactions on Neural Networks
Distribution-based anomaly detection in 3G mobile networks: from theory to practice
International Journal of Network Management
An evaluation of automatic parameter tuning of a statistics-based anomaly detection algorithm
International Journal of Network Management
Context change detection for resource allocation in service-oriented systems
KES'11 Proceedings of the 15th international conference on Knowledge-based and intelligent information and engineering systems - Volume Part II
Bayesian estimation of network-wide mean failure probability in 3g cellular networks
PERFORM'10 Proceedings of the 2010 IFIP WG 6.3/7.3 international conference on Performance Evaluation of Computer and Communication Systems: milestones and future challenges
Steps towards the extraction of vehicular mobility patterns from 3g signaling data
TMA'12 Proceedings of the 4th international conference on Traffic Monitoring and Analysis
A panoramic view of 3g data/control-plane traffic: mobile device perspective
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part I
Signaling oriented denial of service on LTE networks
Proceedings of the 10th ACM international symposium on Mobility management and wireless access
Analysing 3G radio network performance with fuzzy methods
Neurocomputing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
In this work we present a novel scheme for statistical-based anomaly detection in 3G cellular networks. The traffic data collected by a passive monitoring system are reduced to a set of per-mobile user counters, from which time-series of unidimensional feature distributions are derived. An example of feature is the number of TCP SYN packets seen in uplink for each mobile user in fixed-length time bins. We design a changedetection algorithm to identify deviations in each distribution time-series. Our algorithm is designed specifically to cope with the marked non-stationarities, daily/weekly seasonality and longterm trend that characterize the global traffic in a real network. The proposed scheme was applied to the analysis of a large dataset from an operational 3G network. Here we present the algorithm and report on our practical experience with the analysis of real data, highlighting the key lessons learned in the perspective of the possible adoption of our anomaly detection tool on a production basis.