Classifier fusion for VoIP attacks classification
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F17%3A10132895" target="_blank" >RIV/63839172:_____/17:10132895 - isvavai.cz</a>
Result on the web
<a href="http://dx.doi.org/10.1117/12.2262744" target="_blank" >http://dx.doi.org/10.1117/12.2262744</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1117/12.2262744" target="_blank" >10.1117/12.2262744</a>
Alternative languages
Result language
angličtina
Original language name
Classifier fusion for VoIP attacks classification
Original language description
SIP is one of the most successful protocols in the field of IP telephony communication. It establishes and manages VoIP calls. As the number of SIP implementation rises, we can expect a higher number of attacks on the communication system in the near future. This work aims at malicious SIP traffic classification. A number of various machine learning algorithms have been developed for attack classification. The paper presents a comparison of current research and the use of classifier fusion method leading to a potential decrease in classification error rate. Use of classifier combination makes a more robust solution without difficulties that may affect single algorithms. Different voting schemes, combination rules, and classifiers are discussed to improve the overall performance. All classifiers have been trained on real malicious traffic. The concept of traffic monitoring depends on the network of honeypot nodes. These honeypots run in several networks spread in different locations. Separation of honeypots allows us to gain an independent and trustworthy attack information.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
Result was created during the realization of more than one project. More information in the Projects tab.
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Others
Publication year
2017
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Proceedings of SPIE 10200; Signal Processing, Sensor/Information Fusion, and Target Recognition XXVI
ISBN
978-1-5106-0901-3
ISSN
0277-786X
e-ISSN
neuvedeno
Number of pages
7
Pages from-to
"102001F"-"102001F7"
Publisher name
SPIE
Place of publication
Neuveden
Event location
Anaheim, California, United States
Event date
Apr 9, 2017
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
000424391600040