Skip to Main content Skip to Navigation

Novel anomaly detection and classification algorithms for IP and mobile networks

Abstract : Last years have witnessed an increase in the diversity and frequency of network attacks, that appear more sophisticated than ever and devised to be undetectable. At the same time, customised techniques have been designed to detect them and to take rapid countermeasures. The recent surge in statistical and machine learning techniques largely contributed to provide novel and sophisticated techniques to allow the detection of such attacks. These techniques have multiple applications to enable automation in various fields. Within the networking area, they can serve traffic routing, traffic classification, and network security, to name a few. This thesis presents novel anomaly detection and classification techniques in IP and mobile networks. At IP level, it presents our solution Split-and-Merge which detects botnets slowly spreading on the Internet exploiting emerging vulnerabilities. This technique monitors the long-term evolutions of the usages of application ports. Then, our thesis tackles the detection of botnet’s infected hosts, this time at the host-level, using classification techniques, in our solution BotFP. Finally, it presents our ASTECH (for Anomaly SpatioTEmporal Convex Hull) methodology for group anomaly detection in mobile networks based on mobile app usages.
Complete list of metadata
Contributor : Agathe Blaise <>
Submitted on : Tuesday, April 6, 2021 - 12:19:34 PM
Last modification on : Thursday, April 8, 2021 - 3:37:01 AM
Long-term archiving on: : Wednesday, July 7, 2021 - 6:29:03 PM


Files produced by the author(s)


  • HAL Id : tel-03190474, version 1


Agathe Blaise. Novel anomaly detection and classification algorithms for IP and mobile networks. Networking and Internet Architecture [cs.NI]. Sorbonne Université, 2020. English. ⟨tel-03190474⟩



Record views


Files downloads