2015 | OriginalPaper | Buchkapitel
Dandelion - Revealing Malicious Groups of Interest in Large Mobile Networks
verfasst von : Wei Wang, Mikhail Istomin, Jeffrey Bickford
Erschienen in: Network and System Security
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
There are an enormous number of security anomalies that occur across the Internet on a daily basis. These anomalies are typically viewed as individual security events that are manually analyzed in order to detect an attack and take action. Important characteristics of an attack may go unnoticed due to limited manual resources. Mobile attacks introduce further complexity by typically traversing multiple types of networks making correlation and detection even more challenging. In this paper, we propose a system Dandelion, which aims to automatically correlate individual security anomalies together to reveal an entire mobile attack campaign. The system also identifies previously unknown malicious network entities that are highly correlated. Our prototype system correlates thousands of network anomalies across both the SMS and IP networks of a large US tier-1 mobile service provider, reducing them to approximately $$20\sim 30$$ groups of interest a day. To demonstrate Dandelion’s value, we show how our system has provided the critical information necessary to human analysts in detecting and mitigating previously unknown mobile attacks.