Machine Learning
Protocol Analysis in Intrusion Detection Using Decision Tree
ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Using model trees to characterize computer resource usage
WOSS '04 Proceedings of the 1st ACM SIGSOFT workshop on Self-managed systems
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
SIP-based VoIP traffic behavior profiling and its applications
Proceedings of the 3rd annual ACM workshop on Mining network data
Real-time monitoring of SIP infrastructure using message classification
Proceedings of the 3rd annual ACM workshop on Mining network data
Protocol Conformance Testing a SIP Registrar: an Industrial Application of Formal Methods
SEFM '07 Proceedings of the Fifth IEEE International Conference on Software Engineering and Formal Methods
Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Using decision trees for generating adaptive SPIT signatures
Proceedings of the 4th international conference on Security of information and networks
Hi-index | 0.00 |
Software implementing open standards like SIP evolves over time, and often during the first years of deployment, products are either immature or do not implement the whole standard but rather only a subset. As a result, messages compliant to the standard are sometimes wrongly rejected and communication fails. In this paper we describe a novel approach called Babel-SIP for increasing the rate of acceptance for SIP messages. Babel-SIP is a filter that is put in front of a SIP parser and analyzes incoming SIP messages. It gradually learns which messages are likely to be accepted by the parser, and which are not. Those classified as probably rejected are then adapted such that the probability for acceptance is increased. In a number of experiments we demonstrate that our filter is able to drastically increase the acceptance rate of problematic SIP REGISTER and INVITE messages. Additionally we show that our approach can be used to analyze the faulty behavior of a SIP parser by using the generated decision trees.