Share Email Print
cover

Proceedings Paper

VoIP attacks detection engine based on neural network
Author(s): Jakub Safarik; Jiri Slachta
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

The security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and text-based principle made SIP number one target in IP telephony infrastructure, so security of SIP server is essential. To keep up with hackers and to detect potential malicious attacks, security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and following evaluation could easily overwhelm the security administrator in networks, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. Then the gathered data analyze aggregation server with artificial neural network. Artificial neural network means multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by distributed network of detection nodes. Each node contains a honeypot application and traffic monitoring mechanism. Aggregation of data from each node creates an input for neural networks. The automatic classification on a centralized server with low false positive detection reduce the cost of attack detection resources. The detection system uses modular design for easy deployment in final infrastructure. The centralized server collects and process detected traffic. It also maintains all detection nodes.

Paper Details

Date Published: 20 May 2015
PDF: 7 pages
Proc. SPIE 9496, Independent Component Analyses, Compressive Sampling, Large Data Analyses (LDA), Neural Networks, Biosystems, and Nanoengineering XIII, 94960J (20 May 2015); doi: 10.1117/12.2178182
Show Author Affiliations
Jakub Safarik, Cesnet z.s.p.o. (Czech Republic)
Jiri Slachta, Cesnet z.s.p.o. (Czech Republic)


Published in SPIE Proceedings Vol. 9496:
Independent Component Analyses, Compressive Sampling, Large Data Analyses (LDA), Neural Networks, Biosystems, and Nanoengineering XIII
Harold H. Szu; Liyi Dai; Yufeng Zheng, Editor(s)

© SPIE. Terms of Use
Back to Top