A Framework for Monitoring SIP Enterprise Networks
作者: Mohamed Nassar , Radu Stat , Olivier Festor
DOI: 10.1109/NSS.2010.79
关键词:
摘要: In this paper we aim to enable security within SIP enterprise domains by providing monitoring capabilities at three levels: the network traffic, server logs and billing records. We propose an anomaly detection approach based on appropriate feature extraction one-class Support Vector Machines (SVM). methods for anomaly/attack type classification attack source identification. Our is validated through experiments a controlled test-bed using customized normal traffic generation model synthesized attacks. The results show promising performances in terms of accuracy, efficiency usability.
researchgate.net 
sci-hub.se 参考文章(15)
Klaus Robert Müller, Christin Schäfer, Pavel Laskov, Konrad Rieck, Klaus Robert Müller, Visualization of anomaly detection using prediction sensitivity SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)- 2nd Annual Meeting of the Department of Security of the Society for Informatics - Security. pp. 197- 208 ,(2005)
Mohamed Nassar, Radu State, Olivier Festor, Monitoring SIP Traffic Using Support Vector Machines recent advances in intrusion detection. ,vol. 5230, pp. 311- 330 ,(2008) , 10.1007/978-3-540-87403-4_17
Klaus-Robert Müller, Christin Schäfer, Pavel Laskov, Igor V. Kotenko, Intrusion detection in unlabeled data with quarter-sphere Support Vector Machines Praxis Der Informationsverarbeitung Und Kommunikation. ,vol. 27, pp. 228- 236 ,(2004) , 10.17877/DE290R-15912
Hun Jeong Kang, Zhi-Li Zhang, Supranamaya Ranjan, Antonio Nucci, SIP-based VoIP traffic behavior profiling and its applications Proceedings of the 3rd annual ACM workshop on Mining network data - MineNet '07. pp. 39- 44 ,(2007) , 10.1145/1269880.1269891
Humberto J. Abdelnur, Radu State, Olivier Festor, KiF Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications - IPTComm '07. pp. 47- 56 ,(2007) , 10.1145/1326304.1326313
Dimitris Gritzalis, Yannis Mallios, A SIP-oriented SPIT Management Framework Computers & Security. ,vol. 27, pp. 136- 153 ,(2008) , 10.1016/J.COSE.2008.05.007
Sven Ehlert, Dimitris Geneiatakis, Thomas Magedanz, Survey of network security systems to counter SIP-based denial-of-service attacks Computers & Security. ,vol. 29, pp. 225- 243 ,(2010) , 10.1016/J.COSE.2009.09.004
SIP: Session Initiation Protocol RFC3261. ,vol. 2543, pp. 1- 151 ,(2002) , 10.1201/9781420070910-13
H. Sengar, D. Wijesekera, Haining Wang, S. Jajodia, VoIP Intrusion Detection Through Interacting Protocol State Machines dependable systems and networks. pp. 393- 402 ,(2006) , 10.1109/DSN.2006.73
H. Sengar, Haining Wang, D. Wijesekera, S. Jajodia, Detecting VoIP Floods Using the Hellinger Distance IEEE Transactions on Parallel and Distributed Systems. ,vol. 19, pp. 794- 805 ,(2008) , 10.1109/TPDS.2007.70786