A Framework for Monitoring SIP Enterprise Networks

Document Type

Article

Publication Date

9-2010

Subject: LCSH

Computer networks--Security measures, Internet telephony, Operating systems (Computers), Anomaly detection (Computer security)

Disciplines

Computer Engineering | Computer Sciences | Electrical and Computer Engineering

Abstract

In this paper we aim to enable security within SIP enterprise domains by providing monitoring capabilities at three levels: the network traffic, the server logs and the billing records. We propose an anomaly detection approach based on appropriate feature extraction and one-class Support Vector Machines (SVM). We propose methods for anomaly/attack type classification and attack source identification. Our approach is validated through experiments on a controlled test-bed using a customized normal traffic generation model and synthesized attacks. The results show promising performances in terms of accuracy, efficiency and usability.

Comments

Article published in the 2010 Fourth International Conference on Network and System Security.

University of New Haven community members can access the full-text here.

DOI

10.1109/NSS.2010.79

Publisher Citation

M. Nassar, R. State and O. Festor, "A Framework for Monitoring SIP Enterprise Networks," 2010 Fourth International Conference on Network and System Security, 2010, pp. 1-8, doi: 10.1109/NSS.2010.79.
