Abstract
Security concerns have attracted a great deal of attention from both service providers and end users in cellular mobile networks. As a second line of defense, Intrusion Detection Systems (IDSs) are indispensable for highly secure wireless networks. In this chapter, we first give a brief introduction to wired IDSs and wireless IDSs. Then we address the main challenges in designing IDSs for cellular mobile networks, including the topics of feature selection, detection techniques, and adaptability of IDSs. An anomaly-based IDS exploiting mobile users' location history is introduced to provide insights into the intricacy of building a concrete IDS for cellular mobile networks.
Copyright information
© 2007 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Sun, B., Xiao, Y., Wu, K. (2007). Intrusion Detection in Cellular Mobile Networks. In: Xiao, Y., Shen, X.S., Du, DZ. (eds) Wireless Network Security. Signals and Communication Technology. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-33112-6_8
DOI: https://doi.org/10.1007/978-0-387-33112-6_8
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-28040-0
Online ISBN: 978-0-387-33112-6
eBook Packages: Engineering, Engineering (R0)