| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
A framework for monitoring SIP enterprise networks
Abstract : In this paper we aim to enable security within SIP enterprise domains by providing monitoring capabilities at three levels: the network traffic, the server logs and the billing records. We propose an anomaly detection approach based on appropriate feature extraction and one-class Support Vector Machines (SVM). We propose methods for anomaly/attack type classification and attack source identification. Our approach is validated through experiments on a controlled test-bed using a customized normal traffic generation model and synthesized attacks. The results show promising performances in terms of accuracy, efficiency and usability.
Cited literature [16 references]
https://hal.inria.fr/inria-00519728
Contributor : Mohamed Nassar Connect in order to contact the contributor
Submitted on : Tuesday, September 21, 2010 - 2:35:23 PM
Last modification on : Wednesday, February 2, 2022 - 3:51:44 PM
Long-term archiving on: : Wednesday, December 22, 2010 - 2:48:04 AM
Contributor : Mohamed Nassar Connect in order to contact the contributor
Submitted on : Tuesday, September 21, 2010 - 2:35:23 PM
Last modification on : Wednesday, February 2, 2022 - 3:51:44 PM
Long-term archiving on: : Wednesday, December 22, 2010 - 2:48:04 AM
File
nss10.pdf
Files produced by the author(s)