Reference : Using Decision Trees for Generating Adaptive SPIT Signatures
Scientific congresses and symposiums : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/2268/103647
Using Decision Trees for Generating Adaptive SPIT Signatures
English
Nassar, Mohamed Ali [INRIA Research Center, Nancy - Grand Est > > > >]
Martin, Sylvain mailto [Université de Liège - ULg > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques >]
Leduc, Guy mailto [Université de Liège - ULg > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques >]
Festor, Olivier [INRIA Research Center, Nancy - Grand Est > > > >]
14-Nov-2011
Proc. of the 4th International Conference on Security of Information and Networks (SIN 2011)
ACM
Yes
No
International
4th International Conference on Security of Information and Networks (SIN 2011)
14-19 Nov. 2011
Sydney
Australia
[en] With the spread of new and innovative Internet services such as SIP-based communications, the challenge of protecting and defending these critical applications has been raised. In particular, SIP firewalls attempt to filter the signaling unwanted activities and attacks based on the knowledge of the SIP protocol. Optimizing the SIP firewall configuration at real-time by selecting the best filtering rules is problematic because it depends on both natures of the legal traffic and the unwanted activities. More precisely, we do not know exactly how the unwanted activities are reflected in the SIP messages and in what they differ from the legal ones. In this paper, we address the case of Spam over Internet Telephony (SPIT) mitigation. We propose an adaptive solution based on extracting signatures from learnt decision trees. Our simulations show that quickly learning the optimal configuration for a SIP firewall leads to reduce at lowest the unsolicited calls as reported by the users under protection. Our results promote the application of machine learning algorithms for supporting network and service resilience against such new challenges.
Fonds de la Recherche Scientifique (Communauté française de Belgique) - F.R.S.-FNRS ; Union Européenne = European Union - UE = EU ; INRIA
ResumeNet
Researchers ; Professionals
http://hdl.handle.net/2268/103647
FP7 ; 224619 - RESUMENET - Resilience and Survivability for future networking: framework, mechanisms, and experimental evaluation

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
SM-SIN2011.pdfAuthor postprint506.01 kBView/Open

Bookmark and Share SFX Query

All documents in ORBi are protected by a user license.