Clustering NGN user behavior for anomaly detection
نویسندگان
چکیده
In the vision of both researchers and standardization committees, networks and services will evolve in the direction of increasing pervasiveness, convergence, and quality of service management capability. Consequently, users will gain an increasing dependency on the presence and availability of network connectivity and the huge plethora of provided services. Yet fostering the development of our society, such dependency on a relatively young technology poses serious threats, especially from the trustworthiness, security and privacy point of view. In this paper, we will describe and critically evaluate user behavior clustering aimed at monitoring and assuring the security of NGN-based applications. Different models of user behavior, developed within both ISP and academic research projects will be described, and several techniques for manipulating and exploiting such model for the anomaly detection purpose will be described and evaluated. a 2010 Elsevier Ltd. All rights reserved.
منابع مشابه
Application of Combined Local Object Based Features and Cluster Fusion for the Behaviors Recognition and Detection of Abnormal Behaviors
In this paper, we propose a novel framework for behaviors recognition and detection of certain types of abnormal behaviors, capable of achieving high detection rates on a variety of real-life scenes. The new proposed approach here is a combination of the location based methods and the object based ones. First, a novel approach is formulated to use optical flow and binary motion video as the loc...
متن کاملA Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
متن کاملA Hybrid Command Sequence Model for Anomaly Detection
A new anomaly detection method based on models of user behavior at the command level is proposed as an intrusion detection technique. The hybrid command sequence (HCS) model is trained from historical session data by a genetic algorithm, and then it is used as the criterion in verifying observed behavior. The proposed model considers the occurrence of multiple command sequence fragments in a si...
متن کاملAnomaly Detection by Reasoning from Evidence in Mobile Wireless Networks
Anomaly detection is concerned with identification of abnormal patterns of behavior of a system. Traditional supervised machine learning methods of classification rely on training data in the form of labeled data instances representative of each class (e.g. normal vs anomalous data). Clustering methods, on the other hand, do not require a priori knowledge of how anomalies are represented in the...
متن کاملTO Overcome UDP Flooding Attacks in IP Multimedia Subsystem (NGN) using the Genetic Intrusion Detection Systems (IDS)
IP Multimedia Subsystem designed by the 3 Generation Partnership Project to provide the access networks services and telecommunication services, plans to merge services like multimedia, data and voice conversation under one umbrella. In this research, network based anomaly detection system is proposed by using Genetic Algorithm rules to avoid such attacks like UDP Flooding which cause the DoS a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Inf. Sec. Techn. Report
دوره 16 شماره
صفحات -
تاریخ انتشار 2011