Share Email Print
cover

Proceedings Paper

Classifier fusion for VoIP attacks classification
Author(s): Jakub Safarik; Filip Rezac
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

SIP is one of the most successful protocols in the field of IP telephony communication. It establishes and manages VoIP calls. As the number of SIP implementation rises, we can expect a higher number of attacks on the communication system in the near future. This work aims at malicious SIP traffic classification. A number of various machine learning algorithms have been developed for attack classification. The paper presents a comparison of current research and the use of classifier fusion method leading to a potential decrease in classification error rate. Use of classifier combination makes a more robust solution without difficulties that may affect single algorithms. Different voting schemes, combination rules, and classifiers are discussed to improve the overall performance. All classifiers have been trained on real malicious traffic. The concept of traffic monitoring depends on the network of honeypot nodes. These honeypots run in several networks spread in different locations. Separation of honeypots allows us to gain an independent and trustworthy attack information.

Paper Details

Date Published: 2 May 2017
PDF: 7 pages
Proc. SPIE 10200, Signal Processing, Sensor/Information Fusion, and Target Recognition XXVI, 102001F (2 May 2017); doi: 10.1117/12.2262744
Show Author Affiliations
Jakub Safarik, CESNET z.s.p.o. (Czech Republic)
Filip Rezac, CESNET z.s.p.o. (Czech Republic)


Published in SPIE Proceedings Vol. 10200:
Signal Processing, Sensor/Information Fusion, and Target Recognition XXVI
Ivan Kadar, Editor(s)

© SPIE. Terms of Use
Back to Top