Mobile network operators store an enormous amount of information like log files that describe various events and users' activities. Analysis of these logs might be used in many critical applications such as detecting cyber-attacks, finding behavioral patterns of users, security incident response, network forensics, etc. In a cellular network Call Detail Records (CDR) is one type of such logs containing metadata of calls and usually includes valuable information about contact such as the phone numbers of originating and receiving subscribers, call duration, the area of activity, type of call (SMS or voice call) and a timestamp. With anomaly detection, it is possible to determine abnormal reduction or increment of network traffic in an area or for a particular person. This paper's primary goal is to study subscribers' behavior in a cellular network, mainly predicting the number of calls in a region and detecting anomalies in the network traffic. In this paper, a new hybrid method is proposed based on various anomaly detection methods such as GARCH, K-means, and Neural Network to determine the anomalous data. Moreover, we have discussed the possible causes of such anomalies.
翻译:移动网络操作员存储了大量信息,如描述各种事件和用户活动的日志文件等。对这些日志的分析可能用于许多关键应用,如发现网络攻击、发现用户的行为模式、安全事件反应、网络法证等。在蜂窝网络中,呼叫详细记录(CDR)是一种包含电话元数据的记录,通常包括一些关于联系的宝贵信息,如源用户和接收用户的电话号码、呼叫时间、活动领域、呼叫类型(SMS或语音电话)和时间戳。在发现异常现象后,有可能确定某一地区或某个特定人员的网络通信量的异常减少或增加。本文的主要目的是研究移动电话网络用户的行为,主要是预测一个区域的通话次数,并发现网络交通中的异常现象。在本文中,根据诸如GRCH、K手段和Neural网络等各种异常探测方法提出了一种新的混合方法,以确定异常数据。此外,我们讨论了此类异常现象的可能原因。