Efficient Detection of Attacks in SIP Based VoIP Networks Using Linear l1-SVM Classifier

Waleed Nazih, Yasser Hifny, Wail Elkilani, Tamer Abdelkader, Hossam Faheem
2019 International Journal of Computers Communications & Control  
The Session Initiation Protocol (SIP) is one of the most common protocols that are used for signaling function in Voice over IP (VoIP) networks. The SIP protocol is very popular because of its flexibility, simplicity, and easy implementation, so it is a target of many attacks. In this paper, we propose a new system to detect the Denial of Service (DoS) attacks (i.e. malformed message and invite flooding) and Spam over Internet Telephony (SPIT) attack in the SIP based VoIP networks using a
more » ... works using a linear Support Vector Machine with l1 regularization (i.e. l1-SVM) classifier. In our approach, we project the SIP messages into a very high dimensional space using string based n-gram features. Hence, a linear classifier is trained on the top of these features. Our experimental results show that the proposed system detects malformed message, invite flooding, and SPIT attacks with a high accuracy. In addition, the proposed system outperformed other systems significantly in the detection speed.
doi:10.15837/ijccc.2019.4.3563 fatcat:4y62wrmbond5bpk46yr5efwd2u