Search results for "anomaly detection"
showing 10 items of 82 documents
Advanced performance monitoring for self-healing cellular mobile networks
2015
This dissertation is devoted to development and validation of advanced per- formance monitoring system for existing and future cellular mobile networks. Knowledge mining techniques are employed for analysis of user specific logs, collected with Minimization of Drive Tests (MDT) functionality. Ever increas- ing quality requirements, expansion of the mobile networks and their extend- ing heterogeneity, call for effective automatic means of performance monitoring. Nowadays, network operation is mostly controlled manually through aggregated key performance indicators and statistical profiles. These methods are are not able to fully address the dynamism and complexity of modern mobile networks. Se…
Intelligent solutions for real-life data-driven applications
2017
The subject of this thesis belongs to the topic of machine learning or, specifically, to the development of advanced methods for regression analysis, clustering, and anomaly detection. Industry is constantly seeking improved production practices and minimized production time and costs. In connection to this, several industrial case studies are presented in which mathematical models for predicting paper quality were proposed. The most important variables for the prediction models are selected based on information-theoretic measures and regression trees approach. The rest of the original papers are devoted to unsupervised machine learning. The main focus is developing advanced spectral cluster…
Anomaly detection approach to keystroke dynamics based user authentication
2017
Keystroke dynamics is one of the authentication mechanisms which uses natural typing pattern of a user for identification. In this work, we introduced Dependence Clustering based approach to user authentication using keystroke dynamics. In addition, we applied a k-NN-based approach that demonstrated strong results. Most of the existing approaches use only genuine users data for training and validation. We designed a cross validation procedure with artificially generated impostor samples that improves the learning process yet allows fair comparison to previous works. We evaluated the methods using the CMU keystroke dynamics benchmark dataset. Both proposed approaches outperformed the previou…
Adaptive framework for network traffic classification using dimensionality reduction and clustering
2012
Information security has become a very important topic especially during the last years. Web services are becoming more complex and dynamic. This offers new possibilities for attackers to exploit vulnerabilities by inputting malicious queries or code. However, these attack attempts are often recorded in server logs. Analyzing these logs could be a way to detect intrusions either periodically or in real time. We propose a framework that preprocesses and analyzes these log files. HTTP queries are transformed to numerical matrices using n-gram analysis. The dimensionality of these matrices is reduced using principal component analysis and diffusion map methodology. Abnormal log lines can then …
A Network-Based Framework for Mobile Threat Detection
2018
Mobile malware attacks increased three folds in the past few years and continued to expand with the growing number of mobile users. Adversary uses a variety of evasion techniques to avoid detection by traditional systems, which increase the diversity of malicious applications. Thus, there is a need for an intelligent system that copes with this issue. This paper proposes a machine learning (ML) based framework to counter rapid evolution of mobile threats. This model is based on flow-based features, that will work on the network side. This model is designed with adversarial input in mind. The model uses 40 timebased network flow features, extracted from the real-time traffic of malicious and…
Anomaly Detection Algorithms for the Sleeping Cell Detection in LTE Networks
2015
The Sleeping Cell problem is a particular type of cell degradation in Long-Term Evolution (LTE) networks. In practice such cell outage leads to the lack of network service and sometimes it can be revealed only after multiple user complains by an operator. In this study a cell becomes sleeping because of a Random Access Channel (RACH) failure, which may happen due to software or hardware problems. For the detection of malfunctioning cells, we introduce a data mining based framework. In its core is the analysis of event sequences reported by a User Equipment (UE) to a serving Base Station (BS). The crucial element of the developed framework is an anomaly detection algorithm. We compare perfor…
Online anomaly detection using dimensionality reduction techniques for HTTP log analysis
2015
Modern web services face an increasing number of new threats. Logs are collected from almost all web servers, and for this reason analyzing them is beneficial when trying to prevent intrusions. Intrusive behavior often differs from the normal web traffic. This paper proposes a framework to find abnormal behavior from these logs. We compare random projection, principal component analysis and diffusion map for anomaly detection. In addition, the framework has online capabilities. The first two methods have intuitive extensions while diffusion map uses the Nyström extension. This fast out-of-sample extension enables real-time analysis of web server traffic. The framework is demonstrated using …
Cognitive self-healing system for future mobile networks
2015
This paper introduces a framework and implementation of a cognitive self-healing system for fault detection and compensation in future mobile networks. Performance monitoring for failure identification is based on anomaly analysis, which is a combination of the nearest neighbor anomaly scoring and statistical profiling. Case-based reasoning algorithm is used for cognitive self-healing of the detected faulty cells. Validation environment is Long Term Evolution (LTE) mobile system simulated with Network Simulator 3 (ns-3) [1, 2]. Results demonstrate that cognitive approach is efficient for compensation of cell outages and is capable to improve network coverage. Anomaly analysis can be used fo…
Revealing Fake Profiles in Social Networks by Longitudinal Data Analysis
2017
An Efficient Network Log Anomaly Detection System Using Random Projection Dimensionality Reduction
2014
Network traffic is increasing all the time and network services are becoming more complex and vulnerable. To protect these networks, intrusion detection systems are used. Signature-based intrusion detection cannot find previously unknown attacks, which is why anomaly detection is needed. However, many new systems are slow and complicated. We propose a log anomaly detection framework which aims to facilitate quick anomaly detection and also provide visualizations of the network traffic structure. The system preprocesses network logs into a numerical data matrix, reduces the dimensionality of this matrix using random projection and uses Mahalanobis distance to find outliers and calculate an a…