Behavioural Network Traffic Analytics for Securing 5G Networks

The analysis of the network traffic in 5G networks is of high significance to the network security administrator, since it could allow for the identification of different behavioural groups and the distinction of anomalous from normal activity. The problem is the multi-dimensional nature of the data, e.g. SMS, call, Internet, services etc. that makes it difficult to analyse. This is even more challenging in 5G networks, compared to previous generation networks, since one more dimension is added to the traffic, representing different network slices. In this respect, activity that is normal in one slice can be anomalous in another. This paper presents a graph-based method for network mining and visualization of user activities in a mobile network. The raw multi- dimensional network traffic data are used for the construction of multiple multi-dimensional graph- based features that capture specific behavioural aspects for each user. Within each feature, graph matching techniques are applied in order to identify groups of users with similar behaviour. The dissimilarity results for each feature are combined using a multi-objective visualization method. The outcome is a data visualization in which users with similar behaviour are depicted as points close to each other. The network analyst is able to select the desired trade-off among the multiple features, and visually detect groups of users with similar behaviours, as well as possible anomalous clusters or outliers. Experimental evaluation of the proposed approach in several application scenarios verify its efficiency.

[1]  Dimitrios Tzovaras,et al.  Multi-Objective Optimization for Multimodal Visualization , 2014, IEEE Transactions on Multimedia.

[2]  Thomas F. La Porta,et al.  A Detection Mechanism for SMS Flooding Attacks in Cellular Networks , 2012, SecureComm.

[3]  Longbing Cao,et al.  In-depth behavior understanding and use: The behavior informatics approach , 2010, Inf. Sci..

[4]  Tony Tung,et al.  The Augmented Multiresolution Reeb Graph Approach for Content-based Retrieval of 3d Shapes , 2005, Int. J. Shape Model..

[5]  Dimitrios Tzovaras,et al.  A multi-objective clustering approach for the detection of abnormal behaviors in mobile networks , 2015, 2015 IEEE International Conference on Communication Workshop (ICCW).

[6]  Ali A. Ghorbani,et al.  A Survey of Visualization Systems for Network Security , 2012, IEEE Transactions on Visualization and Computer Graphics.

[7]  Chiou-Shann Fuh,et al.  Multiple Kernel Learning for Dimensionality Reduction , 2011, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[8]  Ankur P. Parikh,et al.  Algorithms for Graph Similarity and Subgraph Matching , 2011 .

[9]  Xuelong Li,et al.  A survey of graph edit distance , 2010, Pattern Analysis and Applications.

[10]  Mohan S. Kankanhalli,et al.  Multimodal fusion for multimedia analysis: a survey , 2010, Multimedia Systems.

[11]  Bin Wu,et al.  Cell phone mini challenge award: Social network accuracy— exploring temporal communication in mobile call graphs , 2008, 2008 IEEE Symposium on Visual Analytics Science and Technology.

[12]  Alex Pentland,et al.  Reality mining: sensing complex social systems , 2006, Personal and Ubiquitous Computing.

[13]  Dimitrios Tzovaras,et al.  A Novel Graph-Based Descriptor for the Detection of Billing-Related Anomalies in Cellular Mobile Networks , 2016, IEEE Transactions on Mobile Computing.

[14]  Lorenzo Livi,et al.  The graph matching problem , 2012, Pattern Analysis and Applications.

[15]  Dimitrios Tzovaras,et al.  MoVA: A Visual Analytics Tool Providing Insight in the Big Mobile Network Data , 2015, AIAI.

[16]  Marios Iliofotou Exploring Graph-Based Network Traffic Monitoring , 2009, IEEE INFOCOM Workshops 2009.

[17]  Kwan-Liu Ma,et al.  MobiVis: A Visualization System for Exploring Mobile Data , 2008, 2008 IEEE Pacific Visualization Symposium.

[18]  Ethem Alpaydin,et al.  Multiple Kernel Learning Algorithms , 2011, J. Mach. Learn. Res..

[19]  Danai Koutra,et al.  Graph based anomaly detection and description: a survey , 2014, Data Mining and Knowledge Discovery.

[20]  Rayid Ghani,et al.  Analyzing the effectiveness and applicability of co-training , 2000, CIKM '00.

[21]  Roger Piqueras Jover,et al.  Anomaly detection in cellular Machine-to-Machine communications , 2013, 2013 IEEE International Conference on Communications (ICC).

[22]  Michael G. Strintzis,et al.  Combining Topological and Geometrical Features for Global and Partial 3-D Shape Retrieval , 2008, IEEE Transactions on Multimedia.