Data-Driven Design for Anomaly Detection in Network Access Control Systems

Musa Abubakar Muhammad, Fabio Caraffini, Adebamigbe Fasanmade, Olabayo Ishola, Kabiru Mohammed, Jarrad Morden

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding › peer-review

Abstract

Current network access control systems can contain unpredictable interactions between multiple device models, multiple network protocol layers (e.g. TCP, UDP and ICMP), hardware, and clock-skew-specific influences, and cannot detect or identify abnormal behaviours based on the type of device. To complicate things further, the ‘bring your own device’ policy is increasing security threats, vulnerabilities, and risks to enterprise network environments, making intrusion detection and prevention systems unable to detect illegal and unauthorised access to devices in the enterprise network. The consequences can be disastrous. In this light, this work proposes a simple but effective clustering approach capable of separating normal and abnormal network traffic patterns to detect such challenges (anomalies). The work in this paper applies this approach to single devices and aggregations of data per device type. Additionally, this work proposes plotting the notched box for each cluster to acquire a better understanding of their data distributions and measuring the clusters’ performance using the Adjusted Rand Index. The results show that the proposed method is valid, can be used in several contexts, and features a 95% confidence that most single device and device type distributions overlap, which makes them equivalently usable for anomaly detection purposes.

Original language: English
Title of host publication: 2nd International Conference on Business Analytics for Technology and Security, ICBATS 2023
Publisher: IEEE
Number of pages: 10
ISBN (Electronic): 979-8-3503-3564-4
ISBN (Print): 979-8-3503-3565-1
Publication status: E-pub ahead of print - 15 Mar 2023
Event: 2023 International Conference on Business Analytics for Technology and Security (ICBATS) - Dubai, United Arab Emirates
Duration: 7 Mar 2023 to 8 Mar 2023

Conference

Conference: 2023 International Conference on Business Analytics for Technology and Security (ICBATS)
Abbreviated title: ICBATS
Country/Territory: United Arab Emirates
City: Dubai
Period: 7/03/23 to 8/03/23

Keywords

  • Data-driven research
  • Behaviour Profiling
  • Device Fingerprinting
  • Network Access Control
  • K-Means Clustering
  • Anomaly Detection

ASJC Scopus subject areas

  • Information Systems and Management
  • Artificial Intelligence
  • Safety, Risk, Reliability and Quality
  • Health Informatics
  • Management of Technology and Innovation
  • Computer Science Applications
  • Statistics, Probability and Uncertainty
  • Management Science and Operations Research
