A Framework for Monitoring SIP Enterprise Networks

Executive Summary

In this paper, the authors aim to enable security within SIP enterprise domains by providing monitoring capabilities at three levels: the network traffic, the server logs and the billing records. They propose an anomaly detection approach based on appropriate feature extraction and one-class Support Vector Machines (SVM). They also propose methods for anomaly/attack type classification and attack source identification. Their approach is validated through experiments on a controlled test-bed using a customized normal traffic generation model and synthesized attacks. The results show promising performance in terms of accuracy, efficiency and usability.

  • Format: PDF
  • Size: 1385.4 KB