A Network-Based Framework for Mobile Threat Detection
Kumar, S., Viinikainen, A., & Hämäläinen, T. (2018). A Network-Based Framework for Mobile Threat Detection. In ICDIS 2018 : 1st International Conference on Data Intelligence and Security (pp. 227-233). IEEE. https://doi.org/10.1109/ICDIS.2018.00044
Date
2018
Copyright
© IEEE, 2018.
Mobile malware attacks increased threefold in the past few years and continue to expand with the growing number of mobile users. Adversaries use a variety of evasion techniques to avoid detection by traditional systems, which increases the diversity of malicious applications. Thus, there is a need for an intelligent system that copes with this issue. This paper proposes a machine learning (ML) based framework to counter the rapid evolution of mobile threats. This model is based on flow-based features that will work on the network side. This model is designed with adversarial input in mind. The model uses 40 time-based network flow features, extracted from the real-time traffic of malicious and benign applications. The proposed model not only detects the known and unknown mobile threats but also deals with the changing behavior of the attackers by triggering the retraining phase. The proposed framework can be used by the mobile operators to protect their subscribers. We used several supervised ML algorithms to build the model and got an average accuracy of up to 99.8%.
...
Publisher
IEEE
Parent publication ISBN
978-1-5386-5762-1
Conference
International Conference on Data Intelligence and Security
Is part of publication
ICDIS 2018 : 1st International Conference on Data Intelligence and Security
Publication in research information system
https://converis.jyu.fi/converis/portal/detail/Publication/28024181
Related items
Showing items with similar title or keywords.
- Evaluation of Ensemble Machine Learning Methods in Mobile Threat Detection
  Kumar, Sanjay; Viinikainen, Ari; Hämäläinen, Timo (Infonomics Society, 2017)
  The rapid growing trend of mobile devices continues to soar causing massive increase in cyber security threats. Most pervasive threats include ransom-ware, banking malware, premium SMS fraud. The solitary hackers use ...
- Unsupervised network intrusion detection systems for zero-day fast-spreading network attacks and botnets
  Vahdani Amoli, Payam (University of Jyväskylä, 2015)
  Today, the occurrence of zero-day and complex attacks in high-speed networks is increasingly common due to the high number vulnerabilities in the cyber world. As a result, intrusions become more sophisticated and fast ...
- Dimensionality reduction framework for detecting anomalies from network logs
  Sipola, Tuomo; Juvonen, Antti; Lehtonen, Joel (CRL Publishing, 2012)
  Dynamic web services are vulnerable to multitude of intrusions that could be previously unknown. Server logs contain vast amounts of information about network traffic, and finding attacks from these logs improves the ...
- Anomaly detection from network logs using diffusion maps
  Sipola, Tuomo; Juvonen, Antti; Lehtonen, Joel (Springer, 2011)
  The goal of this study is to detect anomalous queries from network logs using a dimensionality reduction framework. The frequencies of 2-grams in queries are extracted to a feature matrix. Dimensionality reduction is done ...
- Combining conjunctive rule extraction with diffusion maps for network intrusion detection
  Juvonen, Antti; Sipola, Tuomo (IEEE, 2013)
  Network security and intrusion detection are important in the modern world where communication happens via information networks. Traditional signature-based intrusion detection methods cannot find previously unknown ...