Recurrent neural network model for detecting Diameter signalling patterns in LTE control-plane traffic
Liukkonen, Mikko (2017)
Tässä tietueessa ei ole kokotekstiä saatavilla Treposta, ainoastaan metadata.
Liukkonen, Mikko
2017
Tietojenkäsittelytieteiden tutkinto-ohjelma - Degree Programme in Computer Sciences
Luonnontieteiden tiedekunta - Faculty of Natural Sciences
Hyväksymispäivämäärä
2017-04-20
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:uta-201704211458
https://urn.fi/URN:NBN:fi:uta-201704211458
Tiivistelmä
Data roaming in the LTE network has become popular because people want to continue using the same services abroad as in their home network. Hence, the control traffic in the LTE network has increased and it has brought fraudulent activities to the network as a side effect. The traffic in the control-plane is based on the Diameter protocol, which has prescribed actions that the interfaces must support.
A small fraction of the total control traffic contains fraudulent signalling patterns, but the high amount of data in total compels us to use machine learning tools in order to find these rare signalling patterns, such as a denial of service attack against the subscriber or the network, unauthorized modification of charging characteristics, and the location tracking of a user which violates the subscriber's privacy. Some of the fraudulent activities may result in a revenue loss for the service provider. These cases create a need for deeper signalling pattern analysis.
This thesis examines the detection of Diameter signalling patterns using recurrent neural networks. The analysis is done with two different datasets: data from the real mobile network which contains typical signalling patterns such as network registration or tracking area updates, and the second dataset contains synthetic roaming scenarios with normal traffic patterns as well as the user targeted denial of service attacks. The objectives of both analyses are to measure how accurately any signalling pattern can be detected using recurrent neural networks.
A small fraction of the total control traffic contains fraudulent signalling patterns, but the high amount of data in total compels us to use machine learning tools in order to find these rare signalling patterns, such as a denial of service attack against the subscriber or the network, unauthorized modification of charging characteristics, and the location tracking of a user which violates the subscriber's privacy. Some of the fraudulent activities may result in a revenue loss for the service provider. These cases create a need for deeper signalling pattern analysis.
This thesis examines the detection of Diameter signalling patterns using recurrent neural networks. The analysis is done with two different datasets: data from the real mobile network which contains typical signalling patterns such as network registration or tracking area updates, and the second dataset contains synthetic roaming scenarios with normal traffic patterns as well as the user targeted denial of service attacks. The objectives of both analyses are to measure how accurately any signalling pattern can be detected using recurrent neural networks.