{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,3]],"date-time":"2025-08-03T04:32:38Z","timestamp":1754195558421,"version":"3.40.3"},"publisher-location":"Cham","reference-count":45,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319016030"},{"type":"electronic","value":"9783319016047"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-319-01604-7_42","type":"book-chapter","created":{"date-parts":[[2013,9,23]],"date-time":"2013-09-23T12:37:45Z","timestamp":1379939865000},"page":"429-438","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["Mobile Network Anomaly Detection and Mitigation: The NEMESYS Approach"],"prefix":"10.1007","author":[{"given":"Omer H.","family":"Abdelrahman","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Erol","family":"Gelenbe","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"G\u00f6k\u00e7e","family":"G\u00f6rbil","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Boris","family":"Oklander","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2013,9,24]]},"reference":[{"issue":"1\u20132","key":"42_CR1","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1016\/S0020-0255(96)00178-8","volume":"97","author":"J Aguilar","year":"1997","unstructured":"Aguilar J, Gelenbe E (1997) Task assignment and transaction clustering heuristics for distributed systems. Inf Sci 97(1\u20132):199\u2013219","journal-title":"Inf Sci"},{"key":"42_CR2","unstructured":"Arbor Networks (2012). http:\/\/www.arbornetworks.com\/research\/infrastructure-security-report"},{"key":"42_CR3","unstructured":"AVG (2011). http:\/\/mediacenter.avg.com\/content\/mediacenter\/en\/news\/new-avg-study.html"},{"issue":"10","key":"42_CR4","doi-asserted-by":"publisher","first-page":"730","DOI":"10.1109\/LCOMM.2008.080913","volume":"12","author":"A Barbuzzi","year":"2008","unstructured":"Barbuzzi A, Ricciato F, Boggia G (2008) Discovering parameter setting in 3G networks via active measurements. IEEE Commun Lett 12(10):730\u2013732","journal-title":"IEEE Commun Lett"},{"key":"42_CR5","unstructured":"BBC (2012). http:\/\/www.bbc.co.uk\/news\/technology-20080397"},{"key":"42_CR6","doi-asserted-by":"crossref","unstructured":"Burguera I, Zurutuza U, Nadjm-Tehrani S (2011) Crowdroid: behavior-based malware detection system for android. In: Proceedins of SPSM \u201911, ACM, Chicago, pp 15\u201326","DOI":"10.1145\/2046614.2046619"},{"key":"42_CR7","unstructured":"Canalys (2012). http:\/\/www.canalys.com\/newsroom\/smart-phones-overtake-client-pcs-2011"},{"key":"42_CR8","unstructured":"Cisco (2013). http:\/\/www.cisco.com\/en\/US\/solutions\/collateral\/ns341\/ns525\/ns537\/ns705\/ns827\/white_paper_c11-520862.pdf"},{"key":"42_CR9","doi-asserted-by":"crossref","unstructured":"Enck W et al. (2005) Exploiting open functionality in SMS-capable cellular networks. In: Proceedings of CCS \u201905, ACM, Alexandria, pp 393\u2013404","DOI":"10.1145\/1102120.1102171"},{"issue":"4","key":"42_CR10","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1007\/BF00268317","volume":"12","author":"E Gelenbe","year":"1979","unstructured":"Gelenbe E (1979) Probabilistic models of computer systems. Acta Inf 12(4):285\u2013303","journal-title":"Acta Inf"},{"issue":"4","key":"42_CR11","doi-asserted-by":"publisher","first-page":"502","DOI":"10.1162\/neco.1989.1.4.502","volume":"1","author":"E Gelenbe","year":"1989","unstructured":"Gelenbe E (1989) Random neural networks with negative and positive signals and product form solution. Neural Comput 1(4):502\u2013510","journal-title":"Neural Comput"},{"key":"42_CR12","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1162\/neco.1993.5.1.154","volume":"5","author":"E Gelenbe","year":"1993","unstructured":"Gelenbe E (1993) Learning in the recurrent random neural network. Neural Comput 5:154\u2013164","journal-title":"Neural Comput"},{"issue":"7","key":"42_CR13","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1145\/1538788.1538809","volume":"52","author":"E Gelenbe","year":"2009","unstructured":"Gelenbe E (2009) Steps towards self-aware networks. Commun ACM 52(7):66\u201375","journal-title":"Commun ACM"},{"issue":"7","key":"42_CR14","doi-asserted-by":"publisher","first-page":"848","DOI":"10.1093\/comjnl\/bxs077","volume":"55","author":"E Gelenbe","year":"2012","unstructured":"Gelenbe E (2012) Natural computation. Comput J 55(7):848\u2013851","journal-title":"Comput J"},{"issue":"4","key":"42_CR15","doi-asserted-by":"publisher","first-page":"953","DOI":"10.1162\/089976699300016520","volume":"11","author":"E Gelenbe","year":"1999","unstructured":"Gelenbe E, Fourneau JM (1999) Random neural networks with multiple classes of signals. Neural Comput 11(4):953\u2013963","journal-title":"Neural Comput"},{"issue":"6","key":"42_CR16","doi-asserted-by":"publisher","first-page":"1257","DOI":"10.1109\/TNN.2002.804228","volume":"13","author":"E Gelenbe","year":"2002","unstructured":"Gelenbe E, Hussain K (2002) Learning in the multiple class random neural network. IEEE Trans. Neural Netw 13(6):1257\u20131267","journal-title":"IEEE Trans. Neural Netw"},{"issue":"2","key":"42_CR17","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1016\/S0377-2217(97)00371-8","volume":"108","author":"E Gelenbe","year":"1998","unstructured":"Gelenbe E, Labed A (1998) G-networks with multiple classes of signals and positive customers. Eur J Oper Res 108(2):293\u2013305","journal-title":"Eur J Oper Res"},{"issue":"5","key":"42_CR18","doi-asserted-by":"publisher","first-page":"1299","DOI":"10.1016\/j.comnet.2006.09.009","volume":"51","author":"E Gelenbe","year":"2007","unstructured":"Gelenbe E, Loukas G (2007) A self-aware approach to denial of service defence. Comput Netw 51(5):1299\u20131314","journal-title":"Comput Netw"},{"issue":"1","key":"42_CR19","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/BF00265220","volume":"7","author":"E Gelenbe","year":"1976","unstructured":"Gelenbe E, Muntz RR (1976) Probabilistic models of computer systems: Part i (exact results). Acta Inform 7(1):35\u201360","journal-title":"Acta Inform"},{"issue":"9","key":"42_CR20","doi-asserted-by":"publisher","first-page":"1360","DOI":"10.1093\/comjnl\/bxq010","volume":"53","author":"E Gelenbe","year":"2010","unstructured":"Gelenbe E, Timotheou S, Nicholson D (2010) Fast distributed near-optimum assignment of assets to tasks. Comput J 53(9):1360\u20131369","journal-title":"Comput J"},{"key":"42_CR21","volume-title":"LNEE","author":"Gelenbe E et al. (2013) NEMESYS: Enhanced network security for seamless service provisioning in the smart mobile ecosystem. In: Proceedings of ISCIS","year":"2013","unstructured":"Gelenbe E et al (2013) NEMESYS: Enhanced network security for seamless service provisioning in the smart mobile ecosystem. In: Proceedings of ISCIS (2013) LNEE. Springer, Berlin"},{"key":"42_CR22","unstructured":"GSMA (2012). http:\/\/www.gsma.com\/technicalprojects\/wp-content\/uploads\/2012\/04\/gsmasmarterappsforsmarterphones0112v.0.14.pdf"},{"key":"42_CR23","doi-asserted-by":"crossref","unstructured":"Gupta A et al (2013) Detecting MS initiated signaling DDoS attacks in 3G\/4G wireless networks. In: Proceedings of COMSNETS\u201913, pp 1\u20136","DOI":"10.1109\/COMSNETS.2013.6465568"},{"key":"42_CR24","doi-asserted-by":"crossref","unstructured":"Houmansadr A, Zonouz SA, Berthier R (2011) A cloud-based intrusion detection and response system for mobile phones. In: Proceedings of DSNW \u201911, IEEE Computer Society, Hong Kong, pp 393\u2013404","DOI":"10.1109\/DSNW.2011.5958860"},{"key":"42_CR25","volume-title":"Detecting android malware on network level","author":"D Iland","year":"2012","unstructured":"Iland D, Pucher A, Sch\u00e4uble T (2012) Detecting android malware on network level. Technical representation, UC Santa Barbara"},{"key":"42_CR26","doi-asserted-by":"crossref","unstructured":"Jiang N et al. (2012) Isolating and analyzing fraud activities in a large cellular network via voice call graph analysis. In: Proceedings of MobiSys \u201912, ACM, Lake District, UK, pp 253\u2013266.","DOI":"10.1145\/2307636.2307660"},{"key":"42_CR27","volume-title":"Analyzing the network friendliness of mobile applications","author":"S Jiantao","year":"2012","unstructured":"Jiantao S (2012) Analyzing the network friendliness of mobile applications. Technical representation, Huawei"},{"key":"42_CR28","doi-asserted-by":"crossref","unstructured":"Kim EK, McDaniel P, Porta T (2013) A detection mechanism for SMS flooding attacks in cellular networks. In: SecureComm\u201912, LNICST, vol 106, Springer, Berlin, pp 76\u201393.","DOI":"10.1007\/978-3-642-36883-7_6"},{"issue":"15","key":"42_CR29","doi-asserted-by":"publisher","first-page":"2601","DOI":"10.1016\/j.comnet.2009.05.008","volume":"53","author":"PPC Lee","year":"2009","unstructured":"Lee PPC, Bu T, Woo T (2009) On the detection of signaling DoS attacks on 3G\/WiMax wireless networks. Comput Netw 53(15):2601\u20132616","journal-title":"Comput Netw"},{"key":"42_CR30","unstructured":"Lever C et al. (2013) The core of the matter: analyzing malicious traffic in cellular carriers. In: Proceedings NDSS\u201913, San Diego, CA, pp 1\u201316."},{"key":"42_CR31","unstructured":"Lookout Mobile Security (2013). https:\/\/blog.lookout.com\/blog\/2013\/04\/19\/the-bearer-of-badnews-malware-google-play"},{"key":"42_CR32","unstructured":"Maslennikov D (2013) http:\/\/www.securelist.com\/en\/analysis\/204792283\/Mobile_Malware_Evolution_Part_6 Technical representaion, Kaspersky Lab"},{"key":"42_CR33","doi-asserted-by":"crossref","unstructured":"Murynets I, Jover RP (2012) Crime scene investigation: SMS spam data analysis. In: Proceedings of IMC \u201912, ACM, Boston, pp 441\u2013452.","DOI":"10.1145\/2398776.2398822"},{"key":"42_CR34","doi-asserted-by":"crossref","unstructured":"Papadopoulos S, Tzovaras D (2013) Towards visualizing mobile network data. In: Proceedings of ISCIS 2013. Springer, Berlin.","DOI":"10.1007\/978-3-319-01604-7_37"},{"key":"42_CR35","doi-asserted-by":"crossref","unstructured":"Portokalidis G et al. (2010) Paranoid Android: versatile protection for smartphones. In: Proceedings of ACSAC \u201910, ACM, Austin, pp. 347\u2013356.","DOI":"10.1145\/1920261.1920313"},{"key":"42_CR36","doi-asserted-by":"crossref","unstructured":"Qian F et al. (2010) Characterizing radio resource allocation for 3G networks. In: Proceedings of IMC \u201910, ACM, Melbourne, pp 137\u2013150.","DOI":"10.1145\/1879141.1879159"},{"key":"42_CR37","unstructured":"Qian Z et al. (2012) You can run, but you can\u2019t hide: exposing network location for targeted DoS attacks in cellular networks. In: Proceedings of NDSS\u201912, San Diego, pp 137\u2013150."},{"key":"42_CR38","unstructured":"Rethink Wireless (2012). http:\/\/www.rethink-wireless.com\/2012\/01\/30\/docomo-demands-googles-signalling-storm.htm"},{"issue":"5","key":"42_CR39","doi-asserted-by":"publisher","first-page":"551","DOI":"10.1016\/j.comcom.2009.11.015","volume":"33","author":"F Ricciato","year":"2010","unstructured":"Ricciato F, Coluccia A, D\u2019Alconzo A (2010) A review of DoS attack models for 3G cellular networks from a system-design perspective. Comput Commun 33(5):551\u2013558","journal-title":"Comput Commun"},{"issue":"1","key":"42_CR40","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1007\/s11036-008-0113-x","volume":"14","author":"AD Schmidt","year":"2009","unstructured":"Schmidt AD et al (2009) Monitoring smartphones for anomaly detection. Mobile Netw Appl 14(1): 92\u2013106","journal-title":"Mobile Netw Appl"},{"key":"42_CR41","doi-asserted-by":"crossref","unstructured":"Serror J, Zang H, Bolot JC (2006) Impact of paging channel overloads or attacks on a cellular network. In: Proceedings of WiSe \u201906, ACM, Los Angeles, pp 137\u2013150","DOI":"10.1145\/1161289.1161304"},{"key":"42_CR42","doi-asserted-by":"crossref","unstructured":"Vural I, Venter H (2010) Mobile botnet detection using network forensics. In: Proceedings of FIS\u201910, LNCS, vol 6369. Springer, Berlin, pp 57\u201367","DOI":"10.1007\/978-3-642-15877-3_7"},{"key":"42_CR43","doi-asserted-by":"crossref","unstructured":"Wang Z et al. (2011) An untold story of middleboxes in cellular networks. In: Proceedings of SIGCOMM 2011, ACM, Toronto, pp 57\u201367","DOI":"10.1145\/2018436.2018479"},{"key":"42_CR44","doi-asserted-by":"crossref","unstructured":"Yan G, Eidenbenz S, Galli E (2009) SMS-watchdog: Profiling social behaviors of SMS users for anomaly detection. In: Proceedings of RAID \u201909, Springer, Saint-Malo, pp 202\u2013223","DOI":"10.1007\/978-3-642-04342-0_11"},{"key":"42_CR45","doi-asserted-by":"crossref","unstructured":"Zhao B et al. (2012) Mirroring smartphones for good: A feasibility study. In: MobiQuitous\u201910, LNICST, vol 73. Springer, Berlin, pp 26\u201338","DOI":"10.1007\/978-3-642-29154-8_3"}],"container-title":["Lecture Notes in Electrical Engineering","Information Sciences and Systems 2013"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-01604-7_42","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,24]],"date-time":"2023-01-24T02:55:49Z","timestamp":1674528949000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-01604-7_42"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783319016030","9783319016047"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-01604-7_42","relation":{},"ISSN":["1876-1100","1876-1119"],"issn-type":[{"type":"print","value":"1876-1100"},{"type":"electronic","value":"1876-1119"}],"subject":[],"published":{"date-parts":[[2013]]},"assertion":[{"value":"24 September 2013","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}