| Intrusion detection is the art of detecting inappropriate, incorrect, or anomalous activities. There are two types of Intrusion Detection Systems (IDSs) such as: misuse detection systems and anomaly detection systems. When used in a wireless system, IDS is designed to capture the malicious use of available services so that it protects availability and security for legitimate users. Several intrusion detection technologies such as calling patterns on application layer, Radio Frequency Fingerprinting (RFF) on physic layer, and detection on the network layer are designed to protect wireless networks.;As a complement to the above technologies, employing User Mobility (UM) profiling, this thesis addresses the following open question: how to identify abnormal users efficiently with low false alarm rate in the anomaly detection system.;This thesis provides a feasible solution to this question with two classification frameworks, Instance Based Learning (IBL) and Hidden Markov Models (HMMs). It also describes details of design and implementation of the frameworks. The performance of two frameworks were evaluated by simulating the IBL with location data, and the HMMs with both location data and other mobility features (e.g., transmission time, speed, and course). The True Detection Rate (TDR), True Acceptance Rate (TAR), and False Detection Rate (FDR) were examined. The IBL framework has better success rate and is easy to implement. The HMMs framework could produce precise results if it has enough data from profiled users.;Moreover, this thesis analyzes a performance of the true detection rate and false alarm rate with authentic UM position data and other related mobility features. |
PDF Full Text Request