Using Decision Trees for Generating Adaptive SPIT Signatures
Résumé
With the spread of new and innovative Internet services such as SIP-based communications, the challenge of protecting and defending these critical applications has been raised. In particular, SIP firewalls attempt to filter the signaling un- wanted activities and attacks based on the knowledge of the SIP protocol. Optimizing the SIP firewall configuration at real-time by selecting the best filtering rules is problematic because it depends on both natures of the legal traffic and the unwanted activities. More precisely, we do not know exactly how the unwanted activities are reflected in the SIP messages and in what they differ from the legal ones. In this paper, we address the case of Spam over Internet Telephony (SPIT) mitigation. We propose an adaptive solution based on extracting signatures from learnt decision trees. Our sim- ulations show that quickly learning the optimal configura- tion for a SIP firewall leads to reduce at lowest the unso- licited calls as reported by the users under protection. Our results promote the application of machine learning algo- rithms for supporting network and service resilience against such new challenges.
Origine : Fichiers produits par l'(les) auteur(s)
Loading...