Mobile Anomaly Detection Based on Improved Self-Organizing Maps

Anomaly detection has always been the focus of researchers and especially, the developments of mobile devices raise new challenges of anomaly detection. For example, mobile devices can keep connection with Internet and they are rarely turned off even at night. This means mobile devices can attack nodes or be attacked at night without being perceived by users and they have different characteristics from Internet behaviors. The introduction of data mining has made leaps forward in this field. Self-organizing maps, one of famous clustering algorithms, are affected by initial weight vectors and the clustering result is unstable. The optimal method of selecting initial clustering centers is transplanted from -means to SOM. To evaluate the performance of improved SOM, we utilize diverse datasets and KDD Cup99 dataset to compare it with traditional one. The experimental results show that improved SOM can get higher accuracy rate for universal datasets. As for KDD Cup99 dataset, it achieves higher recall rate and precision rate.

[1]  J. Bezdek,et al.  FCM: The fuzzy c-means clustering algorithm , 1984 .

[2]  Nitesh V. Chawla,et al.  Anomaly detection in a mobile communication network , 2007, Comput. Math. Organ. Theory.

[3]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[4]  Chunyong Yin,et al.  Parallel implementing improved k-means applied for image retrieval and anomaly detection , 2017, Multimedia Tools and Applications.

[5]  Lu Feng,et al.  A Feature Selection Method for Improved Clonal Algorithm Towards Intrusion Detection , 2016, Int. J. Pattern Recognit. Artif. Intell..

[6]  Jin Wang,et al.  An improved anonymity model for big data security based on clustering algorithm , 2017, Concurr. Comput. Pract. Exp..

[7]  Teuvo Kohonen,et al.  Essentials of the self-organizing map , 2013, Neural Networks.

[8]  Agostino Forestiero Self-organizing anomaly detection in data streams , 2016, Inf. Sci..

[9]  Sahin Albayrak,et al.  Monitoring Smartphones for Anomaly Detection , 2008, Mob. Networks Appl..

[10]  Saeed Shahrivari,et al.  High performance parallel $$k$$k-means clustering for disk-resident datasets on multi-core CPUs , 2014, The Journal of Supercomputing.

[11]  Georgios Kambourakis,et al.  New facets of mobile botnet: architecture and evaluation , 2015, International Journal of Information Security.

[12]  Bin Gu,et al.  Incremental Support Vector Learning for Ordinal Regression , 2015, IEEE Transactions on Neural Networks and Learning Systems.

[13]  Bin Gu,et al.  Incremental learning for ν-Support Vector Regression , 2015, Neural Networks.

[14]  Lu Feng,et al.  An improved Hoeffding-ID data-stream classification algorithm , 2015, The Journal of Supercomputing.

[15]  Carlos Dafonte,et al.  HSC: A multi-resolution clustering strategy in Self-Organizing Maps applied to astronomical observations , 2012, Appl. Soft Comput..

[16]  Yongjun Zhang,et al.  An Optimized Method for Selection of the Initial Centers of K-Means Clustering , 2013, IUKM.

[17]  Duc Truong Pham,et al.  NBSOM: The naive Bayes self-organizing map , 2011, Neural Computing and Applications.