We propose a novel online monitoring approach to distinguish between attacks and normal activity in SIP-based Voice over IP environments. We demonstrate the efficiency of the approach even when only limited data sets are used in the learning phase. The solution builds on the monitoring of a set of 38 features in VoIP flows and uses Support Vector Machines for classification. We validate our proposal through large offline experiments performed over a mix of real-world traces from a large VoIP provider and attacks locally generated on our own testbed. Results show high accuracy in detecting SPIT and flooding attacks, and the measured performance is promising for an online deployment.