Abstract
This paper introduces novel attack detection approaches on mobile and wireless device security and network which consider temporal relations between internet packets. In this paper we first present a field selection technique using a Genetic Algorithm and generate a Packet-based Mining Association Rule from an original Mining Association Rule for Support Vector Machine in mobile and wireless network environment. Through the preprocessing with PMAR, SVM inputs can account for time variation between packets in mobile and wireless network. Third, we present Gaussian observation Hidden Markov Model to exploit the hidden relationships between packets based on probabilistic estimation. In our G-HMM approach, we also apply G-HMM feature reduction for better initialization. We demonstrate the usefulness of our SVM and G-HMM approaches with GA on MIT Lincoln Lab datasets and a live dataset that we captured on a real mobile and wireless network. Moreover, experimental results are verified by -fold cross-validation test.
Highlights
The world-wide connectivity and the growing importance of internet have greatly increased the potential damage, which is inflicted by attacks over the internet
We propose a feature selection method based on a genetic algorithm (GA) and two kinds of temporal based machine learning algorithms to derive the relations between packets as follows: support vector machine (SVM) with packet-based mining association rule (PMAR) and Gaussian observation hidden Markov model (G-HMM)
We propose our data preprocessing method based on MAR for SVM performance, which is called PMAR
Summary
The world-wide connectivity and the growing importance of internet have greatly increased the potential damage, which is inflicted by attacks over the internet. Many anomaly detection methods have been researched in order to solve the signature schemes problem by using machine learning algorithms. Even if we use good anomaly detection methods, there are still difficult problems to select proper features and to consider the relations among inputs in a given problem domain. We propose a feature selection method based on a genetic algorithm (GA) and two kinds of temporal based machine learning algorithms to derive the relations between packets as follows: support vector machine (SVM) with packet-based mining association rule (PMAR) and Gaussian observation hidden Markov model (G-HMM). We conclude and give some recommendation for future work
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have