A Network-Based Framework for Mobile Threat Detection
Kumar, S., Viinikainen, A., & Hämäläinen, T. (2018). A Network-Based Framework for Mobile Threat Detection. In ICDIS 2018 : 1st International Conference on Data Intelligence and Security (pp. 227-233). IEEE. https://doi.org/10.1109/ICDIS.2018.00044
© IEEE, 2018.
Mobile malware attacks increased three folds in the past few years and continued to expand with the growing number of mobile users. Adversary uses a variety of evasion techniques to avoid detection by traditional systems, which increase the diversity of malicious applications. Thus, there is a need for an intelligent system that copes with this issue. This paper proposes a machine learning (ML) based framework to counter rapid evolution of mobile threats. This model is based on flow-based features, that will work on the network side. This model is designed with adversarial input in mind. The model uses 40 timebased network flow features, extracted from the real-time traffic of malicious and benign applications. The proposed model not only to detects the known and unknown mobile threats but also deals with the changing behavior of the attackers by triggering the retraining phase. The proposed framework can be used by the mobile operators to protect their subscribers. We used several supervised ML algorithms to build the model and got an average accuracy of up to 99.8%. ...
Parent publication ISBN978-1-5386-5762-1
ConferenceInternational Conference on Data Intelligence and Security
Is part of publicationICDIS 2018 : 1st International Conference on Data Intelligence and Security
Publication in research information system
MetadataShow full item record
Showing items with similar title or keywords.
Evaluation of Ensemble Machine Learning Methods in Mobile Threat Detection Kumar, Sanjay; Viinikainen, Ari; Hämäläinen, Timo (Infonomics Society, 2017)The rapid growing trend of mobile devices continues to soar causing massive increase in cyber security threats. Most pervasive threats include ransom-ware, banking malware, premium SMS fraud. The solitary hackers use ...
Unsupervised network intrusion detection systems for zero-day fast-spreading network attacks and botnets Vahdani Amoli, Payam (University of Jyväskylä, 2015)Today, the occurrence of zero-day and complex attacks in high-speed networks is increasingly common due to the high number vulnerabilities in the cyber world. As a result, intrusions become more sophisticated and fast ...
Dimensionality reduction framework for detecting anomalies from network logs Sipola, Tuomo; Juvonen, Antti; Lehtonen, Joel (CRL Publishing, 2012)Dynamic web services are vulnerable to multitude of intrusions that could be previously unknown. Server logs contain vast amounts of information about network traffic, and finding attacks from these logs improves the ...
Adaptive framework for network traffic classification using dimensionality reduction and clustering Juvonen, Antti; Sipola, Tuomo (IEEE, 2012)Information security has become a very important topic especially during the last years. Web services are becoming more complex and dynamic. This offers new possibilities for attackers to exploit vulnerabilities by inputting ...
Anomaly detection from network logs using diffusion maps Sipola, Tuomo; Juvonen, Antti; Lehtonen, Joel (Springer, 2011)The goal of this study is to detect anomalous queries from network logs using a dimensionality reduction framework. The fequencies of 2-grams in queries are extracted to a feature matrix. Dimensionality reduction is done ...