Abstract | ||
---|---|---|
In this paper we aim to enable security within SIP enterprise domains by providing monitoring capabilities at three levels: the network traffic, the server logs and the billing records. We propose an anomaly detection approach based on appropriate feature extraction and one-class Support Vector Machines (SVM). We propose methods for anomaly/attack type classification and attack source identification. Our approach is validated through experiments on a controlled test-bed using a customized normal traffic generation model and synthesized attacks. The results show promising performances in terms of accuracy, efficiency and usability. |
Year | DOI | Venue |
---|---|---|
2010 | 10.1109/NSS.2010.79 | Network and System Security |
Keywords | Field | DocType |
customized normal traffic generation,anomaly detection approach,monitoring sip enterprise networks,network traffic,attack source identification,vector machines,billing record,appropriate feature extraction,attack type classification,sip enterprise domain,synthesized attack,servers,sip,feature extraction,svm,computer network security,test bed,dos,security,protocols,support vector machine,anomaly detection,voip,media,support vector machines | Traffic generation model,Anomaly detection,Computer security,Computer science,Usability,Network security,Server,Support vector machine,Computer network,Feature extraction,Voice over IP | Conference |
ISBN | Citations | PageRank |
978-0-7695-4159-4 | 3 | 0.40 |
References | Authors | |
11 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Mohamed Nassar | 1 | 138 | 14.44 |
Radu State | 2 | 623 | 86.87 |
Olivier Festor | 3 | 665 | 85.40 |