Analyzing Android Encrypted Network Traffic to Identify User Actions

Conti, Mauro; Mancini, Luigi V.; Spolaor, Riccardo; Verde, Nino Vincenzo

doi:10.1109/tifs.2015.2478741

Cited by 231 publications

(122 citation statements)

References 32 publications

Supporting

Mentioning

120

Contrasting

Order By: Relevance

“…Virtual SON (VSON), which integrates lately developed technologies such as software-defined wireless networking (SDWN), NFV, big data, ML, has been recently introduced as a prime proposal for future SON [17]. In this subsection, we propose and analyze an Open-SON for 5G in which we can apply data analytics and ML algorithms to develop variety SON applications.…”

Section: Open Platform For 5g Sonmentioning

confidence: 99%

Applying Big Data, Machine Learning, and SDN/NFV for 5G Early-Stage Traffic Classification and Network QoS Control

Lin

2018

TNC

View full text Add to dashboard Cite

Due to the rapid growth of mobile broadband and IoT applications, the early-stage mobile traffic classification becomes more important for traffic engineering to guarantee Quality of Service (QoS), implement resource management, and network security. Therefore, identifying traffic flows based on a few packets during the early state has attracted attention in both academic and industrial fields. However, a powerful and flexible platform to handle millions of traffic flows is still challenging. This study aims to demonstrate how to integrate various state-of-the-art machine learning (ML) algorithms, big data analytics platforms, software-defined networking (SDN), and network functions virtualization (NFV) to build a comprehensive framework for developing future 5G SON applications. This platform successfully collected, stored, analyzed, and identified a huge number of real-time traffic flows at broadband Mobile Lab (BML), National Chiao Tung University (NCTU). Moreover, we also implemented network QoS control to configure priorities per-flow traffic to enable bandwidth guarantees for each application by using SDN. Finally, the performance of the proposed models was evaluated by applying them to a real testbed environment. The powerful computing capacity of the platform was also analyzed.

show abstract

Section: Open Platform For 5g Sonmentioning

confidence: 99%

Applying Big Data, Machine Learning, and SDN/NFV for 5G Early-Stage Traffic Classification and Network QoS Control

Lin

2018

TNC

View full text Add to dashboard Cite

show abstract

“…intrusion detection [12], the identification of Android applications usage [2], IoT devices [7] or web crawlers [4]. Most proposals focus though on modeling communications made by a single host [5], [6], [13] i.e.…”

Section: Related Workmentioning

confidence: 99%

“…Modeling network communication patterns has several applications including intrusion detection [12], bot detection [4] and identification of running applications on a device [2]. While network traffic monitoring has also been used to profile host communications [3], [5], [13], little attention has been given to profiling a specific user based on the network traffic she generates.…”

Section: Introductionmentioning

confidence: 99%

Profiling Users by Modeling Web Transactions

Tomsu¹,

Marchal²,

Asokan³

2017

2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS)

View full text Add to dashboard Cite

Abstract-Users of electronic devices, e.g., laptop, smartphone, etc. have characteristic behaviors while surfing the Web. Profiling this behavior can help identify the person using a given device. In this paper, we introduce a technique to profile users based on their web transactions. We compute several features extracted from a sequence of web transactions and use them with oneclass classification techniques to profile a user. We assess the efficacy and speed of our method at differentiating 25 synthetic users on a benchmark dataset (from a major security vendor) representing 6 months of web traffic monitoring from a small enterprise network.

show abstract

“…Therefore, we can identify malware by analyzing the critical behavior of application software in network traffic. A number of traffic features have been identified for malicious apps detection [3][4][5][6][7][8]. However, the prior arts have encountered some challenges, such as the lack of sufficient labeled traffic data, and most of the mobile devices intrusion detection systems use a host-based intrusion detection model [6][7][8], which means that the intrusion detection system is installed as a client on the smartphone.…”

Section: Introductionmentioning

confidence: 99%

An adaptive smartphone anomaly detection model based on data mining

Hu¹,

Zhang²,

Wang³

2018

J Wireless Com Network

View full text Add to dashboard Cite

With the popularization of smartphones, they have become the main target of malicious applications. In recent years, malware has become a major threat to Android smartphones. Detection for malicious applications in smartphone has become a research hotspot. There are many studies that were mainly based on host mode. Although this kind of approach has the advantage of an effective collection of client features, it can interfere with the original environment for detection and only applies to certain versions of phones. In this paper, we combine network traffic analysis with data mining to identify malicious network behavior. We improve Apriori algorithm to extract network traffic features from network data, and overall exposes malware functionalities through operational behavioral triggers. Then, it adopts a density-based local outlier factor (LOF) clustering algorithm to form a detection model. ADMDM model can effectively detect an anomaly, and it has good results in unknown anomaly detection. The proposed model can be used for daily smartphone security checking and evaluation. Moreover, ADMDM enriches techniques for dynamic smartphone behavior analysis.

show abstract

Analyzing Android Encrypted Network Traffic to Identify User Actions

Cited by 231 publications

References 32 publications

Applying Big Data, Machine Learning, and SDN/NFV for 5G Early-Stage Traffic Classification and Network QoS Control

Applying Big Data, Machine Learning, and SDN/NFV for 5G Early-Stage Traffic Classification and Network QoS Control

Profiling Users by Modeling Web Transactions

An adaptive smartphone anomaly detection model based on data mining

Contact Info

Product

Resources

About