Automatic Adaptation and Analysis of SIP Headers Using Decision Trees

Authors:
Andrea Hess;Michael Nussbaumer;Helmut Hlavacs;Karin Anna Hummel
Affiliations:
Department of Distributed and Multimedia Systems, University of Vienna, Vienna, Austria A-1080;Department of Distributed and Multimedia Systems, University of Vienna, Vienna, Austria A-1080;Department of Distributed and Multimedia Systems, University of Vienna, Vienna, Austria A-1080;Department of Distributed and Multimedia Systems, University of Vienna, Vienna, Austria A-1080
Venue:
Principles, Systems and Applications of IP Telecommunications. Services and Security for Next Generation Networks
Year:
2008

Citing 9
Cited 1

Machine Learning

Machine Learning
Protocol Analysis in Intrusion Detection Using Decision Tree

ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Using model trees to characterize computer resource usage

WOSS '04 Proceedings of the 1st ACM SIGSOFT workshop on Self-managed systems
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)

Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
SIP-based VoIP traffic behavior profiling and its applications

Proceedings of the 3rd annual ACM workshop on Mining network data
Real-time monitoring of SIP infrastructure using message classification

Proceedings of the 3rd annual ACM workshop on Mining network data
Protocol Conformance Testing a SIP Registrar: an Industrial Application of Formal Methods

SEFM '07 Proceedings of the Fifth IEEE International Conference on Software Engineering and Formal Methods
KiF: a stateful SIP fuzzer

Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Realtime object recognition using decision tree learning

RoboCup 2004

Using decision trees for generating adaptive SPIT signatures

Proceedings of the 4th international conference on Security of information and networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Software implementing open standards like SIP evolves over time, and often during the first years of deployment, products are either immature or do not implement the whole standard but rather only a subset. As a result, messages compliant to the standard are sometimes wrongly rejected and communication fails. In this paper we describe a novel approach called Babel-SIP for increasing the rate of acceptance for SIP messages. Babel-SIP is a filter that is put in front of a SIP parser and analyzes incoming SIP messages. It gradually learns which messages are likely to be accepted by the parser, and which are not. Those classified as probably rejected are then adapted such that the probability for acceptance is increased. In a number of experiments we demonstrate that our filter is able to drastically increase the acceptance rate of problematic SIP REGISTER and INVITE messages. Additionally we show that our approach can be used to analyze the faulty behavior of a SIP parser by using the generated decision trees.