Labeled VoIP Data-Set for Intrusion Detection Evaluation

Document Type

Article

Publication Date

2010

Subject: LCSH

Intrusion detection systems (Computer security), Session Initiation Protocol (Computer network protocol), Internet Relay Chat, Multimedia communications, TCP/IP (Computer network protocol)

Disciplines

Computer Engineering | Computer Sciences | Electrical and Computer Engineering

Abstract

VoIP has become a major application of multimedia communications over IP. Many initiatives around the world focus on the detection of attacks against VoIP services and infrastructures. Because of the lack of a common labeled data-set similarly to what is available in TCP/IP network-based intrusion detection, their results can not be compared. VoIP providers are not able to contribute their data because of user privacy agreements. In this paper, we propose a framework for customizing and generating VoIP traffic within controlled environments. We provide a labeled data-set generated in two types of SIP networks. Our data-set is composed of signaling and other protocol traces, call detail records and server logs. By this contribution we aim to enable the works on VoIP anomaly and intrusion detection to become comparable through its application to common datasets.

Comments

Article is part of Networked Services and Applications - Engineering, Control and Management, 16th EUNICE/IFIP WG 6.6 Workshop, EUNICE 2010, Trondheim, Norway, June 28-30, 2010. Proceedings.

DOI

10.1007/978-3-642-13971-0_10

Publisher Citation

Nassar M., State R., Festor O. (2010) Labeled VoIP Data-Set for Intrusion Detection Evaluation. In: Aagesen F.A., Knapskog S.J. (eds) Networked Services and Applications - Engineering, Control and Management. EUNICE 2010. Lecture Notes in Computer Science, vol 6164. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13971-0_10

Link to Full Text

Check your library

Share

COinS