A SON Solution for Sleeping Cell Detection Using Low-Dimensional Embedding of MDT Measurements

Automatic detection of cells which are in outage has been identified as one of the key use cases for Self Organizing Networks (SON) for emerging and future generations of cellular systems. A special case of cell outage, referred to as Sleeping Cell (SC) remains particularly challenging to detect in state of the art SON because in this case cell goes into outage or may perform poorly without triggering an alarm for Operation and Maintenance (O&M) entity. Consequently, no SON compensation function can be launched unless SC situation is detected via drive tests or through complaints registered by the affected customers. In this paper, we present a novel solution to address this problem that makes use of minimization of drive test (MDT) measurements recently standardized by 3GPP and NGMN. To overcome the processing complexity challenge, the MDT measurements are projected to a low-dimensional space using multidimensional scaling method. Then we apply state of the art k-nearest neighbor and local outlier factor based anomaly detection models together with pre-processed MDT measurements to profile the network behaviour and to detect SC. Our numerical results show that our proposed solution can automate the SC detection process with 93 accuracy

DoWitcher: Effective Worm Detection and Containment in the Internet Core

Enterprise networks are increasingly offloading the responsibility for worm detection and containment to the carrier networks. However, current approaches to the zero-day worm detection problem such as those based on content similarity of packet payloads are not scalable to the carrier link speeds (OC-48 and up-wards). In this paper, we introduce a new system, namely DoWitcher, which in contrast to previous approaches is scalable as well as able to detect the stealthiest worms that employ low-propagation rates or polymorphisms to evade detection. DoWitcher uses an incremental approach toward worm detection: First, it examines the layer-4 traffic features to discern the presence of a worm anomaly; Next, it determines a flow-filter mask that can be applied to isolate the suspect worm flows and; Finally, it enables full-packet capture of only those flows that match the mask, which are then processed by a longest common subsequence algorithm to extract the worm content signature. Via a proof-of-concept implementation on a commercially available network analyzer processing raw packets from an OC-48 link, we demonstrate the capability of DoWitcher to detect low-rate worms and extract signatures for even the polymorphic worm

Malware detection techniques for mobile devices

Mobile devices have become very popular nowadays, due to its portability and high performance, a mobile device became a must device for persons using information and communication technologies. In addition to hardware rapid evolution, mobile applications are also increasing in their complexity and performance to cover most needs of their users. Both software and hardware design focused on increasing performance and the working hours of a mobile device. Different mobile operating systems are being used today with different platforms and different market shares. Like all information systems, mobile systems are prone to malware attacks. Due to the personality feature of mobile devices, malware detection is very important and is a must tool in each device to protect private data and mitigate attacks. In this paper, analysis of different malware detection techniques used for mobile operating systems is provides. The focus of the analysis will be on the to two competing mobile operating systems - Android and iOS. Finally, an assessment of each technique and a summary of its advantages and disadvantages is provided. The aim of the work is to establish a basis for developing a mobile malware detection tool based on user profiling.Comment: 11 pages, 6 figure