Skip to Main content Skip to Navigation
Conference papers

A framework for monitoring SIP enterprise networks

Mohamed Nassar 1, * Radu State 1 Olivier Festor 1 
* Corresponding author
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : In this paper we aim to enable security within SIP enterprise domains by providing monitoring capabilities at three levels: the network traffic, the server logs and the billing records. We propose an anomaly detection approach based on appropriate feature extraction and one-class Support Vector Machines (SVM). We propose methods for anomaly/attack type classification and attack source identification. Our approach is validated through experiments on a controlled test-bed using a customized normal traffic generation model and synthesized attacks. The results show promising performances in terms of accuracy, efficiency and usability.
Document type :
Conference papers
Complete list of metadata

Cited literature [16 references]  Display  Hide  Download
Contributor : Mohamed Nassar Connect in order to contact the contributor
Submitted on : Tuesday, September 21, 2010 - 2:35:23 PM
Last modification on : Wednesday, February 2, 2022 - 3:51:44 PM
Long-term archiving on: : Wednesday, December 22, 2010 - 2:48:04 AM


Files produced by the author(s)




Mohamed Nassar, Radu State, Olivier Festor. A framework for monitoring SIP enterprise networks. Fourth international conference on Network and System Security - NSS 2010, Sep 2010, Melbourne, Australia. pp.1--8, ⟨10.1109/NSS.2010.79⟩. ⟨inria-00519728⟩



Record views


Files downloads