Detecting Port Scans against Mobile Devices with Neural Networks and Decision Trees

  • Christo Panchev
  • Petar Dobrev
  • James Nicholson
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 459)


Recently, mobile devices such as smartphones and tablets have emerged as one of the most popular forms of communication. This trend raises the question about the security of the private data and communication of the people using those devices. With increased computational resources and versatility the number of security threats on such devices is growing rapidly. Therefore, it is vital for security specialists to find adequate anti-measures against the threats. Machine Learning approaches with their ability to learn from and adapt to their environments provide a promising approach to modelling and protecting against security threats on mobile devices. This paper presents a comparative study and implementation of Decision Trees and Neural Network models for the detection of port scanning showing the differences between the responses on a desktop platform and a mobile device and the ability of the Neural Network model to adapt to the different environment and computational resource available on a mobile platform.


Intrusion Detection Port Scanning Cascade Correlation Neural Networks Decision Trees Android Mobile devices 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Khan, S., Nauman, M., Othman, A.T., Musa, S.: How secure is your smartphone: An analysis of smartphone security mechanisms. In: Proceedings of the 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), June 26-28, pp. 76–81 (2012)Google Scholar
  2. 2.
    Zaman, S., Karray, F.: TCP/IP Model and Intrusion Detection Systems. In: Proceedings of the International Conference on Advanced Information Networking and Applications Workshops, Bradford, United Kingdom, May 26-29, pp. 90–96 (2009)Google Scholar
  3. 3.
    Kou, X., Wen, Q.: Intrusion detection model based on Android. In: Proceedings of the 4th IEEE International Conference on Broadband Network and Multimedia Technology (IC-BNMT), pp. 624–628 (2011)Google Scholar
  4. 4.
    Ghorbanian, M., Shanmugam, B., Narayanasamy, G., Idrids, N.: Signature-Based Hybrid Intrusion detection system (HIDS) for Android devices Business Engineering and Industrial Applications Colloquium (BEIAC), April 7-9, pp. 827–831. IEEE (2013)Google Scholar
  5. 5.
    Fahlman, S.E., Lebiere, C.: The cascade-correlation learning architecture. In: Touretzky, D.S. (ed.) Advances in Neural Information Processing Systems 2, pp. 524–532. Morgan Kaufmann Publishers Inc., San Francisco (1990)Google Scholar
  6. 6.
    Govindarajan, M., Chandrasekaran, R.M.: Intrusion detection using k-Nearest Neighbor. In: Proceedings of the First International Conference on Advanced Computing ICAC, December 13-15, pp. 13–20 (2009)Google Scholar
  7. 7.
    Jie, Y., Chen, X., Xiang, X., Wan, W.: HIDS-DT: An Effective Hybrid Intrusion Detection System Based on Decision Tree International Conference on Communications and Mobile Computing, April 12-14, pp. 70–75 (2010)Google Scholar
  8. 8.
    Gates, C., Taylor, C.: Challenging the anomaly detection paradigm: a provocative discussion. In: Proceedings of the Workshop on New Security Paradigms (NSPW 2006), New York, USA, pp. 21–29 (2006)Google Scholar
  9. 9.
    Denning, D.E.: An Intrusion-Detection Model. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 118–133 (1986)Google Scholar
  10. 10.
    Mitchell, R., Chen, I.-R.: “Behavior-Rule Based Intrusion Detection Systems for Safety Critical Smart Grid Applications. IEEE Transactions on Smart Grid 4(3), 1254 (2013)CrossRefGoogle Scholar
  11. 11.
    Yang, Y., McLaughlin, K., Littler, T., Sezer, S., Wang, H.F.: Rule-based intrusion detection system for SCADA networks. In: 2nd IET Renewable Power Generation Conference (RPG 2013), September 9-11, pp. 1–4 (2013)Google Scholar
  12. 12.
    Boyer, R.S., Moore, J.S.: A Fast String Searching Algorithm. Comm. ACM 20(10), 762–772 (1977)CrossRefzbMATHGoogle Scholar
  13. 13.
    Antonatos, S., Polychronakis, M., Akritidis, P., Anagnostakis, K.G., Markatos, Y.E.P.: Fast and Memory-Efficient Pattern Matching for Intrusion Detection. In: Proceedings 20th IFIP International Information Security Conference SEC (2005)Google Scholar
  14. 14.
    Bhuyan, M., Bhattacharyya, D.K., Kalita, J.K.: Surveying Port Scans and Their Detection Methodologies. Computer Journal ACM 54, 1565–1581 (2011)CrossRefGoogle Scholar
  15. 15.
    Dabbagh, M., Ghandour, A.J., Fawaz, K., Hajj, W.E., Hajj, H.: Slow port scanning detection. In: Proceedings of the 7th International Conference on Information Assurance and Security (IAS), December 5-8, pp. 228–233 (2011)Google Scholar
  16. 16.
    Wang, G., Hao, J., Ma, J., Huang, L.: A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering. Expert Systems with Applications 37(9), 6225–6232 (2010)CrossRefGoogle Scholar
  17. 17.
    Nazir, A.: A comparative study of Cascaded Forward Back Propagation and Hybrid SOFM-CFBP Neural Networks based Intrusion Detection Systems. International Journal of Scientific and Engineering Research 4(6) (2013)Google Scholar
  18. 18.
    Basu, R., Cunningham, R.K., Webster, S.E., Lippmann, R.P.: Detecting low-profile probes and novel denial-of-service attacks. In: Proceedings of IWIAS 2001, West Point, New York, USA, pp. 5–10. IEEE Computer Society (June 2001)Google Scholar
  19. 19.
    Oke, G., Loukas, G., Gelenbe, E.: Detecting denial of service attacks with bayesian classifiers and the random neural network. In: Proceedings of FUZZ- IEEE 2007, pp. 1964–1969. IEEE, USA (2007)Google Scholar
  20. 20.
    Fisch, D., Hofmann, A., Sick, B.: On the versatility of radial basis function neural networks: A case study in the field of intrusion detection. Information Sciences 180(12), 2421–2439 (2010)CrossRefGoogle Scholar
  21. 21.
    Kalpana, Y., Purushothaman, S., Rajeswari, R.: Implementation of Echo State Neural Network and Radial Basis Function Network for Intrusion Detection. Data Mining and Knowledge Engineering 5(9), 366–373 (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Christo Panchev
    • 1
  • Petar Dobrev
    • 1
  • James Nicholson
    • 1
  1. 1.Department of Computing, Engineering and TechnologyUniversity of SunderlandSunderlandUnited Kingdom

Personalised recommendations