Labeled VoIP data-set for intrusion detection evaluation

Authors:
Mohamed Nassar;Radu State;Olivier Festor
Affiliations:
INRIA Research Center, Nancy-Grand Est, Villers-Lés-Nancy, France;INRIA Research Center, Nancy-Grand Est, Villers-Lés-Nancy, France;INRIA Research Center, Nancy-Grand Est, Villers-Lés-Nancy, France
Venue:
EUNICE'10 Proceedings of the 16th EUNICE/IFIP WG 6.6 conference on Networked services and applications: engineering, control and management
Year:
2010

Citing 9
Cited 2

SCIDIVE: A Stateful and Cross Protocol Intrusion Detection Architecture for Voice-over-IP Environments

DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
VoIP Intrusion Detection Through Interacting Protocol State Machines

DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
SIP-based VoIP traffic behavior profiling and its applications

Proceedings of the 3rd annual ACM workshop on Mining network data
VoIP defender: highly scalable SIP-based security architecture

Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Denial of service attack and prevention on SIP VoIP infrastructures using DNS flooding

Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Detecting VoIP Floods Using the Hellinger Distance

IEEE Transactions on Parallel and Distributed Systems
Specification-Based Denial-of-Service Detection for SIP Voice-over-IP Networks

ICIMP '08 Proceedings of the 2008 The Third International Conference on Internet Monitoring and Protection
Monitoring SIP Traffic Using Support Vector Machines

RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
VoIP malware: attack tool & attack scenarios

ICC'09 Proceedings of the 2009 IEEE international conference on Communications

SPRT for SPIT: using the sequential probability ratio test for spam in VoIP prevention

AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services
Outbound SPIT filter with optimal performance guarantees

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

VoIP has become a major application of multimedia communications over IP. Many initiatives around the world focus on the detection of attacks against VoIP services and infrastructures. Because of the lack of a common labeled data-set similarly to what is available in TCP/IP network-based intrusion detection, their results can not be compared. VoIP providers are not able to contribute their data because of user privacy agreements. In this paper, we propose a framework for customizing and generating VoIP traffic within controlled environments. We provide a labeled data-set generated in two types of SIP networks. Our data-set is composed of signaling and other protocol traces, call detail records and server logs. By this contribution we aim to enable the works on VoIP anomaly and intrusion detection to become comparable through its application to common datasets.