Using Decision Trees for Generating Adaptive SPIT Signatures

Abstract : With the spread of new and innovative Internet services such as SIP-based communications, the challenge of protecting and defending these critical applications has been raised. In particular, SIP firewalls attempt to filter the signaling un- wanted activities and attacks based on the knowledge of the SIP protocol. Optimizing the SIP firewall configuration at real-time by selecting the best filtering rules is problematic because it depends on both natures of the legal traffic and the unwanted activities. More precisely, we do not know exactly how the unwanted activities are reflected in the SIP messages and in what they differ from the legal ones. In this paper, we address the case of Spam over Internet Telephony (SPIT) mitigation. We propose an adaptive solution based on extracting signatures from learnt decision trees. Our sim- ulations show that quickly learning the optimal configura- tion for a SIP firewall leads to reduce at lowest the unso- licited calls as reported by the users under protection. Our results promote the application of machine learning algo- rithms for supporting network and service resilience against such new challenges.
Type de document :
Communication dans un congrès
ACM. 4th International Conference on Security of Information and Networks - SIN 2011, Nov 2011, Sydney, Australia. ACM, pp.13-20, 2011
Liste complète des métadonnées

Littérature citée [19 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-00644821
Contributeur : Olivier Festor <>
Soumis le : vendredi 25 novembre 2011 - 11:14:36
Dernière modification le : jeudi 11 janvier 2018 - 06:19:49
Document(s) archivé(s) le : dimanche 26 février 2012 - 02:27:10

Fichier

p13.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-00644821, version 1

Collections

Citation

Mohamed El Baker Nassar, Sylvain Martin, Guy Leduc, Olivier Festor. Using Decision Trees for Generating Adaptive SPIT Signatures. ACM. 4th International Conference on Security of Information and Networks - SIN 2011, Nov 2011, Sydney, Australia. ACM, pp.13-20, 2011. 〈hal-00644821〉

Partager

Métriques

Consultations de la notice

327

Téléchargements de fichiers

353