IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Applied multivariate statistical analysis
Applied multivariate statistical analysis
Text compression
Optimal prefetching via data compression
Journal of the ACM (JACM)
LeZi-update: an information-theoretic approach to track mobile users in PCS networks
MobiCom '99 Proceedings of the 5th annual ACM/IEEE international conference on Mobile computing and networking
Mitigating routing misbehavior in mobile ad hoc networks
MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Intrusion detection in wireless ad-hoc networks
MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
Cross-Feature Analysis for Detecting Ad-Hoc Routing Anomalies
ICDCS '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
A Neural Network Component for an Intrusion Detection System
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
USTAT: A Real-Time Intrusion Detection System for UNIX
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Alert aggregation in mobile ad hoc networks
WiSe '03 Proceedings of the 2nd ACM workshop on Wireless security
A cooperative intrusion detection system for ad hoc networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
IDAMN: an intrusion detection architecture for mobile networks
IEEE Journal on Selected Areas in Communications
International Journal of Knowledge-based and Intelligent Engineering Systems - Extended papers selected from KES-2006
A Rough Set Based Anomaly Detection Scheme Considering the Age of User Profiles
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part IV: ICCS 2007
A weighted-dissimilarity-based anomaly detection method for mobile networks
Proceedings of the 2009 International Conference on Hybrid Information Technology
BANBAD - A Centralized belief-networks-based anomaly detection algorithm for MANETs
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
A framework for defending embedded systems against software attacks
ACM Transactions on Embedded Computing Systems (TECS)
Estimating accuracy of mobile-masquerader detection using worst-case and best-case scenario
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I
Detecting impersonation attacks in future wireless and mobile networks
MADNES'05 Proceedings of the First international conference on Secure Mobile Ad-hoc Networks and Sensors
| Hi-index | 0.00 |
This paper presents an efficient on-line anomaly detection algorithm that can effectively identify a group of especially harmful internal attackers - masqueraders in cellular mobile networks. Our scheme is derived from a well-developed data compression technique. We use cell IDs traversed by a user as the feature value. Based on this, the mobility pattern of a user is characterized by a high order Markov model. Ziv-Lempel data compression algorithms are utilized to parse the data and store relevant statistical information in a mobility trie. Moreover, the technique of Exponentially Weighted Moving Average (EWMA) is used to efficiently update the mobility trie in order to modify the user's normal profile constantly. In this way, an up-to-date normal profile is maintained. The proposed normal profile can characterize the normal behavior of each user accurately and is sensitive to abnormal changes. A threshold scheme is then used to determine whether the mobile device is potentially compromised or not. Simulation results demonstrate that our proposed detection algorithm can achieve good performance in terms of false alarm rate and detection rate for users having regular itineraries.