nach oben

International Journal of Information Security

Erschienen in:

08.02.2017 | Regular Contribution

Using targeted Bayesian network learning for suspect identification in communication networks

verfasst von: A. Gruber, I. Ben-Gal

Erschienen in: International Journal of Information Security | Ausgabe 2/2018

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

This paper proposes a machine learning application to identify mobile phone users suspected of involvement in criminal activities. The application characterizes the behavioral patterns of suspect users versus non-suspect users based on usage metadata such as call duration, call distribution, interaction time preferences and text-to-call ratios while avoiding any access to the content of calls or messages. The application is based on targeted Bayesian network learning method. It generates a graphical network that can be used by domain experts to gain intuitive insights about the key features that can help identify suspect users. The method enables experts to manage the trade-off between model complexity and accuracy using information theory metrics. Unlike other graphical Bayesian classifiers, the proposed application accomplishes the task required of a security company, namely an accurate suspect identification rate (recall) of at least 50% with no more than a 1% false identification rate. The targeted Bayesian network learning method is also used for additional tasks such as anomaly detection, distinction between “relevant” and “irrelevant” anomalies, and for associating anonymous telephone numbers with existing users by matching behavioral patterns.

Vorheriger Artikel Structural analysis and detection of android botnets using machine learning techniques

Nächster Artikel Dynamic reversed accumulator

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

Ben-Akiva, M., Bierlaire, M.: Discrete choice methods and their applications to short term travel decisions. In: Handbook of Transportation Science, pp. 5–33. Springer, New York (1999)

Ben-Dov, M., Wu, W., Feldman, R., Cairns, P.A.: Improving Knowledge Discovery by Combining Text-Mining & Link Analysis Techniques. Lake Buena Vista, Florida: Workshop on Link Analysis, Counter-terrorism, and Privacy, in conjunction with SIAM International Conference on Data Mining (2004)

Ben-Gal, I.: Bayesian networks. In: Ruggeri, F., Faltin, F., Kenett, R. (eds.) Encyclopedia of Statistics in Quality and Reliability. Wiley, New Jersey (2007)

Bishop, C.: Neural Networks for Pattern Recognition. Oxford University Press, Oxford (1995)MATH

Bolton, R.J., Hand, D.J.: Statistical fraud detection: a review. 2002. Stat. Sci. 17, 235 (2002)CrossRefMATH

Bouchard, M., Joffres, K., Frank, R.: Preliminary analytical considerations in designing a terrorism and extremism online network extractor. In: Computational Models of Complex Systems, pp. 171–184. Springer International Publishing (2014)

Boulton, G.: Open your minds and share your results. Nature 486(7404), 441–441 (2012)CrossRef

Burns K.: In US cities, open data is not just nice to have; it’s the norm. The Guardian, 21 Oct 2013. www.theguardian.com/local-government-network/2013/oct/21/open-data-us-san-francisco (2013)

Chickering, D.M., Geiger, D., Heckerman, D.: Learning Bayesian networks: the combination of knowledge and statistical data. Mach. Learn. 20, 197–243 (1995)MATH

10.

Ching, J.Y., Wong, A.K.C., Chan, K.C.C.: Class-dependent discretization for inductive learning from continuous and mixed mode data. IEEE Trans. Pattern Anal. Mach. Intell. 17–7, 641–650 (1995)CrossRef

11.

Chow, C.K., Liu, C.N.: Approximating discrete probability distributions with dependence trees. IEEE Trans. Inf. Theory IT-14, 462–467 (1968)

12.

Claeskens, N.L., Hjort, G.: The focused information criterion. J. Am. Stat. Assoc. 98, 900–945 (2003)MathSciNetCrossRefMATH

13.

De Montjoye, Y.A., Radaelli, L., Singh, V.K.: Unique in the shopping mall: On the reidentifiability of credit card metadata. Science 347(622), 536–539 (2015)CrossRef

14.

Duda, R.R., Hart, P.: Pattern Classification and Scene Analysis. Wiley, New York (1973)MATH

15.

Friedman, N., Geiger, D., Goldszmidt, M.: Bayesian network classifiers. Mach. Learn. 29, 131–163 (1997)CrossRefMATH

16.

Ganganwar, V.: An overview of classification algorithms for imbalanced datasets. Int. J. Emerg. Technol. Adv. Eng. 2(4), 42–47 (2012)

17.

Grau, J., Ben-Gal, I., Posch, S., Grosse, I.: VOMBAT: prediction of transcription factor binding sites using variable order Bayesian trees. Nucleic Acids Res 34(suppl 2), W529–W533 (2006)CrossRef

18.

Gruber, A., Ben-Gal, I.: Efficient Bayesian network learning for optimization in systems engineering. Qual. Technol. Quant. Manag. 9–1, 97–114 (2012)CrossRef

19.

Heckerman, D.: A tutorial on learning with Bayesian networks.: MS TR-95-06 (1995)

20.

Jensen, D., Rattigan, M., Blau, H.: Information awareness: a prospective technical assessment. In: Proceedings of SIGKDD03 , pp. 378–387 (2003)

21.

Kelner, K., Lerner, B.: Learning Bayesian network classifiers by risk minimization. Int. J. Approx. Reason. 53, 248–272 (2012)MathSciNetCrossRefMATH

22.

Kreykes, B.D.: Data mining and counter-terrorism: the use of telephone records as an investigatory tool in the war on terror. ISJLP 4, 431 (2008)

23.

Marturana, F., Tacconi, S.: A machine learning-based triage methodology for automated categorization of digital media. Digit. Investig. 10, 193–204 (2013)CrossRef

24.

Mayer, J., Mutchler, P., Mitchell, J.C.: Evaluating the privacy properties of telephone metadata. Proc. Nat. Acad. Sci. 113(20), 5536–5541 (2016)CrossRef

25.

Mena, J.: Homeland security techniques and technologies. Charles River Media 198(254), 262–263 (2007)

26.

Meng, G., Dan, L., Ni-hong, W., Li-chen, L.: A network intrusion detection model based on K-means algorithm and information entropy. Int. J. Secur. Appl. 8(6), 285–294 (2014)

27.

Nhauo, D., Sung-Ryul, K.: Classification of malicious domain names using support vector machine and Bi-gram method. Int. J. Secur. Appl. 7(1) January, 51 (2013)

28.

Ng, A., Jordan, M.: On discriminative versus generative classifiers: a comparison of logistic regression and naive Bayes. Adv Neural Inf. Process. Syst. v2. pp. 841–848 (2002)

29.

Pearl, J.J.: Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan Kaufmann, San Francisco (1988)MATH

30.

Pearl, J.J.: Causality: Models, Reasoning, and Inference. University Press, Cambridge (2000)MATH

31.

Phua, C., Lee, V., Smith, K., Gayler, R.: A comprehensive survey of data mining-based fraud detection research. www.bsys.monash.edu.au/people/cphua (2005)

32.

Shmueli, E., Tassa, T.W., Shapira, B., Rokach, L.: Data mining for software trustworthiness. Inf. Sci. 191, 98–127 (2012)CrossRefMATH

33.

Stolfo, S.J., Fan, W., Lee, W., Prodromidis, A., Chan, P.K.: Cost-based modeling for fraud and intrusion detection: results from the JAM project. In: DARPA Information Survivability Conference and Exposition, 2000. DISCEX’00. IEEE Proceedings, vol. 2, pp. 130–144. (2000)

34.

Williamson, J.J.: Approximating discrete probability distributions with Bayesian networks. Hobart Tasmani, Proceedings of the International Conference on Artificial Intelligence in Science and Technology (2000)

35.

Van Renesse, R., Birman, K., Vogels, W.: Astrolabe: a robust and scalable technology for distributed system monitoring management, and data mining. ACM Trans. Comput. Syst. 21, 164–206 (2003)CrossRef

36.

Zhu, D., Premkumar, G., Zhang, X., Chu, C.H.: Data mining for network intrusion detection: a comparison of alternative methods. Decis. Sci. 32, 635–660 (2001)CrossRef

Titel: Using targeted Bayesian network learning for suspect identification in communication networks
verfasst von: A. Gruber
I. Ben-Gal
Publikationsdatum: 08.02.2017
Verlag: Springer Berlin Heidelberg
Erschienen in: International Journal of Information Security / Ausgabe 2/2018
Print ISSN: 1615-5262
Elektronische ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-017-0362-4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2018

Dynamic reversed accumulator

A methodology to measure and monitor level of operational effectiveness of a CSOC

HoneyCirculator: distributing credential honeytoken for introspection of web-based attack cycle

Accumulable optimistic fair exchange from verifiably encrypted homomorphic signatures

Structural analysis and detection of android botnets using machine learning techniques

A game-theoretic approach for integrity assurance in resource-bounded systems