DETECTION OF ANOMALIES IN MOBILE TRAFFIC USING MACHINE LEARNING
DOI:
https://doi.org/10.35546/kntu2078-4481.2026.1.44Keywords:
machine learning, anomaly detection, mobile traffic, neural networks, Python, cybersecurity, network monitoringAbstract
The number of mobile devices and data growth is giving a challenge to cybersecurity network traffic. Traditional signature-based approaches are losing their effectiveness as new types of attack have no consistent pattern and are also hidden in legitimate traffic. In this context, the application of machine learning techniques for the automated detection of anomalies in the mobile network traffic is of particular relevance. The purpose of the paper is to develop and research machine learning methods for detecting anomalous behavior in mobile device traffic, enabling early identification of previously unknown threats, and enhancing the effectiveness of cyber defense. Scientific novelty. An approach that relies on unsupervised learning algorithms LSTM Autoencoder and Isolation Forest is proposed for analyzing the multidimensional characteristics of mobile traffic. Using the adaptive threshold allows to decrease the false-positive rates and to increase detection reliability (compared to traditional statistical methods). Results. A Python-based anomaly detection system was developed using the TensorFlow and scikit-learn libraries. The algorithms were experimentally evaluated on real mobile traffic datasets. The LSTM Autoencoder achieved the highest anomaly detection accuracy (96.1 %), while Isolation Forest offers a balance of stable accuracy and high processing speed, making it suitable for resource-constrained systems. Conclusions. Machine learning methods are found to be fruitful in intelligent analysis of mobile network traffic. The use of LSTM Autoencoder allows finding very accurately, while algorithms like Isolation Forest have a lower computational complexity and can be applied in real-time. The results provide proof of concept of the potential of machine learning approaches for the early identification of previously unknown cyber threats.
References
Neri M., Baldoni S. Unsupervised Network Anomaly Detection with Autoencoders and Traffic Images (Version 1). arXiv. 2025. DOI: https://doi.org/10.48550/arXiv.2505.16650 URL: https://arxiv.org/abs/2505.16650
Singh K., Kashyap A., Cherukuri A. K. Interpretable Anomaly Detection in Encrypted Traffic Using SHAP with Machine Learning Models (Version 1). arXiv. 2025. DOI: https://doi.org/10.48550/arXiv.2505.16261 URL: https://arxiv.org/abs/2505.16261
Miguel-Diez A., Campazas-Vega A., Guerrero-Higueras Á. M., Álvarez-Aparicio C., Matellán-Olivera V. Anomaly detection in network flows using unsupervised online machine learning (Version 1). arXiv. 2025. DOI: https://doi.org/10.48550/arXiv.2509.01375 URL: https://arxiv.org/abs/2509.01375
Noonari N., Corujo D., Aguiar R. L., Ferrao F. J. Multi-Scale Convolutional LSTM with Transfer Learning for Anomaly Detection in Cellular Networks (Version 1). arXiv. 2024. DOI: https://doi.org/10.48550/arXiv.2410.03732 URL: https://arxiv.org/abs/2410.03732
Chen Z., Chien S. W. D., Qian P., Zilberman N. Detecting Anomalies in Machine Learning Infrastructure via Hardware Telemetry (Version 1). arXiv. 2025. DOI: https://doi.org/10.48550/arXiv.2510.26008 URL: https://arxiv.org/abs/2510.26008
Benmachiche A., Rais K., Slimi H. Real-Time Machine Learning for Embedded Anomaly Detection (Version 1). arXiv. 2025. DOI: https://doi.org/10.48550/arXiv.2512.19383 URL: https://arxiv.org/abs/2512.19383
Rzym G., Masny A., Chołda P. Dynamic Telemetry and Deep Neural Networks for Anomaly Detection in 6G Software-Defined Networks. Electronics. 2024. Vol. 13, No. 2. DOI: https://doi.org/10.3390/electronics13020382 URL: https://www.mdpi.com/2079-9292/13/2/382
Schummer P., del Rio A., Serrano J., Jimenez D., Sánchez G., Llorente Á. Machine Learning-Based Network Anomaly Detection: Design, Implementation, and Evaluation. AI. 2024. Vol. 5, No. 4. P. 143. DOI: https://doi.org/10.3390/ai5040143 URL: https://www.mdpi.com/2673-2688/5/4/143
Thwaini M. H. Anomaly Detection in Network Traffic using Machine Learning for Early Threat Detection. Digital Medicine. 2022. DOI: 10.56294/dm202272 URL: https://is.gd/T2JCaF
Mahmood N., Hussein D. H., Askar S., Ibrahim M. A. Machine Learning for Network Anomaly Detection: A Review. International Journal of Computer Science. 2025. Vol. 14, No. 1. DOI: 10.33022/ijcs.v14i1.4703 URL: https://is.gd/mYVrU5
