Service platforms using text-based protocols need to be protected against attacks. Machine-learning algorithms with pattern matching can be used to detect even previously unknown attacks. In this paper, we present an extension to known Support Vector Machine (SVM) based anomaly detection algorithms for the Session Initiation Protocol (SIP). Our contribution is to extend the amount of different features used for classification (feature space) by exploiting the structure of SIP messages, which reduces the false positive rate. Additionally, we show how combining our approach with attribute reduction significantly improves throughput
International audienceIn this paper we aim to enable security within SIP enterprise domains by provi...
We propose a novel online monitoring approach to distinguish between attacks and normal activity in ...
The Session Initiation Protocol (SIP) is one of the most common protocols that are used for signalin...
Abstract—The Session Initiation Protocol (SIP) is at the root of many sessions-based applications su...
The Session Initiation Protocol (SIP) is at the root of many sessions-based applications such as VoI...
In this paper we aim to enable security within SIP enterprise domains by providing monitoring capabi...
Abstract—The IP Multimedia Subsystem (IMS) framework uses Session Initiation Protocol (SIP) for sign...
Voice and multimedia communications are rapidly migrating from traditional networks to TCP/IP networ...
Current Voice-over-IP infrastructures lack defenses against unexpected network threats, such as zero...
A message level SIP anomaly detection architecture that analyses SIP messages to classify them as “g...
Security is one of the main requirements of the current computer systems, and recently it gains much...
This paper investigates the detection of abnormal sequences of signaling packets purposely generated...
Unlike signature or misuse based intrusion detection techniques, anomaly detection is capable of det...
The Session Initiation Protocol (SIP) is at the root of many sessions-based applications such as VoI...
The Session Initiation Protocol (SIP) is the de facto stan-dard for user’s session control in the ne...
International audienceIn this paper we aim to enable security within SIP enterprise domains by provi...
We propose a novel online monitoring approach to distinguish between attacks and normal activity in ...
The Session Initiation Protocol (SIP) is one of the most common protocols that are used for signalin...
Abstract—The Session Initiation Protocol (SIP) is at the root of many sessions-based applications su...
The Session Initiation Protocol (SIP) is at the root of many sessions-based applications such as VoI...
In this paper we aim to enable security within SIP enterprise domains by providing monitoring capabi...
Abstract—The IP Multimedia Subsystem (IMS) framework uses Session Initiation Protocol (SIP) for sign...
Voice and multimedia communications are rapidly migrating from traditional networks to TCP/IP networ...
Current Voice-over-IP infrastructures lack defenses against unexpected network threats, such as zero...
A message level SIP anomaly detection architecture that analyses SIP messages to classify them as “g...
Security is one of the main requirements of the current computer systems, and recently it gains much...
This paper investigates the detection of abnormal sequences of signaling packets purposely generated...
Unlike signature or misuse based intrusion detection techniques, anomaly detection is capable of det...
The Session Initiation Protocol (SIP) is at the root of many sessions-based applications such as VoI...
The Session Initiation Protocol (SIP) is the de facto stan-dard for user’s session control in the ne...
International audienceIn this paper we aim to enable security within SIP enterprise domains by provi...
We propose a novel online monitoring approach to distinguish between attacks and normal activity in ...
The Session Initiation Protocol (SIP) is one of the most common protocols that are used for signalin...