Hybrid Model for Anomaly Detection on Call Detail Records by Time Series Forecasting
This work addresses anomaly detection for mobile network operators to improve security and network management, but it appears incremental as it combines existing methods without introducing a fundamentally new approach.
The paper tackled the problem of detecting anomalies in cellular network traffic by analyzing Call Detail Records, proposing a hybrid method that combines GARCH, K-means, and Neural Network to identify abnormal data and discuss potential causes.
Mobile network operators store an enormous amount of information like log files that describe various events and users' activities. Analysis of these logs might be used in many critical applications such as detecting cyber-attacks, finding behavioral patterns of users, security incident response, network forensics, etc. In a cellular network Call Detail Records (CDR) is one type of such logs containing metadata of calls and usually includes valuable information about contact such as the phone numbers of originating and receiving subscribers, call duration, the area of activity, type of call (SMS or voice call) and a timestamp. With anomaly detection, it is possible to determine abnormal reduction or increment of network traffic in an area or for a particular person. This paper's primary goal is to study subscribers' behavior in a cellular network, mainly predicting the number of calls in a region and detecting anomalies in the network traffic. In this paper, a new hybrid method is proposed based on various anomaly detection methods such as GARCH, K-means, and Neural Network to determine the anomalous data. Moreover, we have discussed the possible causes of such anomalies.