Abstract
Mobile networks have numerous exploitable vulnerabilities that enable malicious individuals to launch Denial of Service (DoS) attacks and affect network security and performance. The efficient detection and attribution of these anomalies are of major importance to the mobile network operators, especially since there is a vast amount of information collected, which renders the problem as a Big Data problem. Previous approaches focus on either anomaly detection methods, or visualization methods separately. In addition, they utilize solely either the signaling or the Call Detail Record (CDR) activity in the network. This paper presents MoVA (Mobile network Visual Analytics), a visual analytics tool for the detection and attribution of anomalies in mobile cellular networks which combines anomaly detection and visualization, and is applied on both signaling and CDR activity in the network. In order to address the large volume of the data, the proposed application starts with an aggregated overview of the whole network and allows the operator to gradually focus on smaller sets of data, using different levels of abstraction. The proposed visualization methods are able to differentiate between different user behaviors, and enable the analyst to have an insight in the mobile network operation and easily spot the anomalous mobile devices. Hypothesis formulation and validation methods are also provided, in order to enable the analyst to formulate network security-related hypotheses, and validate or reject them based on the results of the analysis.
This work has been partially supported by the European Commission through project FP7-ICT-317888-NEMESYS funded by the 7th framework program. The opinions expressed in this paper are those of the authors and do not necessarily reflect the views of the European Commission.
Chapter PDF
Similar content being viewed by others
Keywords
References
NEMESYS project (2015). http://www.nemesys-project.eu/nemesys/
Petersen, J.K.: The telecommunications illustrated dictionary. CRC Press (2002)
Lee, P.P.C., Bu, T., Woo, T.: On the detection of signaling DoS attacks on 3G wireless networks. In: 26th IEEE International Conference on Computer Communications, pp. 1289–1297. IEEE (2007)
Lee, P.P.C., Bu, T., Woo, T.: On the detection of signaling DoS attacks on 3G/WiMax wireless networks. Computer Networks 53(15), 2601–2616 (2009)
D’Alconzo, A., Coluccia, A., Ricciato, F., Romirer-Maierhofer, P.: A distribution-based approach to anomaly detection and application to 3G mobile traffic. In: IEEE Global Telecommunications Conference, GLOBECOM 2009, pp. 1–8. IEEE (2009)
Coluccia, A., D’Alconzo, A., Ricciato, F.: Distribution-based anomaly detection in network traffic. In: Biersack, E., Callegari, C., Matijasevic, M. (eds.) Data Traffic Monitoring and Analysis. LNCS, vol. 7754, pp. 202–216. Springer, Heidelberg (2013)
Yan, G., Eidenbenz, S., Galli, E.: Sms-watchdog: Profiling social behaviors of sms users for anomaly detection. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 202–223. Springer, Heidelberg (2009)
Kim, E.K., McDaniel, P., La Porta, T.: A detection mechanism for SMS flooding attacks in cellular networks. In: Keromytis, A.D., Di Pietro, R. (eds.) SecureComm 2012. LNICST, vol. 106, pp. 76–93. Springer, Heidelberg (2013)
Murynets, I., Jover, R.P.: Anomaly detection in cellular Machine-to-Machine communications. In: 2013 IEEE International Conference on Communications (ICC), pp. 2138–2143. IEEE (2013)
Eagle, N., Pentland, A.: Reality mining: sensing complex social systems. Personal and Ubiquitous Computing 10(4), 255–268 (2006)
Ye, Q., Zhu, T., Hu, D., Wu, B., Du, N., Wang, B.: Cell phone mini challenge award: Social network accuracy exploring temporal communication in mobile call graphs. In: IEEE Symposium on Visual Analytics Science and Technology, VAST 2008, IEEE (2008)
Shen, Z., Ma, K.-L.: Mobivis: A visualization system for exploring mobile data. In: IEEE Pacific Visualization Symposium, PacificVIS 2008, pp. 175–182. IEEE (2008)
SAS Visual Analytics (2015). http://www.sas.com
Tableau Analytics (2015). http://www.tableau.com/
Certifuge Systems (2015). http://centrifugesystems.com/
Alcatel Security-guardian (2015). http://www.alcatel-lucent.com/solutions/security-guardian
NSN mobile guard (2015). http://nsn.com/sites/default/files/document/nsn_mobile_guard_executive_summary.pdf
Breunig, M.M., Kriegel, H.-P., Ng, R.T., Sander, J.: LOF: identifying density-based local outliers. In: ACM Sigmod Record, vol. 29, pp. 93–104. ACM (2000)
Papadopoulos, S., Mavroudis, V., Drosou, A., Tzovaras, D.: Visual Analytics for Enhancing Supervised Attack Attribution in Mobile Networks. In: Information Sciences and Systems 2014, pp. 193–203. Springer, Heidelberg (2014)
Kalamaras, I., Drosou, A., Tzovaras, D.: Multi-Objective Optimization for Multimodal Visualization. IEEE Transactions on Multimedia 16(5), 1460–1472 (2014)
Breiman, L.: Random forests. Machine Learning 45(1), 5–32 (2001)
Ding, B., Lo, D., Han, J., Khoo, S.-C.: Efficient mining of closed repetitive gapped subsequences from a sequence database. In: IEEE 25th International Conference on Data Engineering, ICDE 2009, pp. 1024–1035. IEEE (2009)
GenieLog, GEDIS Studio online (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kalamaras, I., Papadopoulos, S., Drosou, A., Tzovaras, D. (2015). MoVA: A Visual Analytics Tool Providing Insight in the Big Mobile Network Data. In: Chbeir, R., Manolopoulos, Y., Maglogiannis, I., Alhajj, R. (eds) Artificial Intelligence Applications and Innovations. AIAI 2015. IFIP Advances in Information and Communication Technology, vol 458. Springer, Cham. https://doi.org/10.1007/978-3-319-23868-5_27
Download citation
DOI: https://doi.org/10.1007/978-3-319-23868-5_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23867-8
Online ISBN: 978-3-319-23868-5
eBook Packages: Computer ScienceComputer Science (R0)