Securing IP-Multimedia Subsystem (IMS) Against Anomalous Message Exploits by Using Machine Learning Algorithms
Modern communication infrastructure (IPMultimedia Subsystem (IMS) and Voice over IP (VoIP)) are vulnerable to zero day attacks and unknown threats. Anomalous SIP requests can be used to remotely launch malicious activity. Furthermore, anomalous messages are capable of crashing - sometimes with one message only - servers and end points. Recently it is shown that a malicious SIP message "INVITE of Death" crash a server or gain unfettered access to it. In contrast, little research is done to protect IMS against such anomalous messages. In this paper, the authors propose an anomalous message detection framework that extracts novel syntactical features from SIP messages at the P-CSCF of an IMS.