Proc. of the 4th International Conference on Security of Information and Networks (SIN 2011)
4th International Conference on Security of Information and Networks (SIN 2011)
14-19 Nov. 2011
[en] With the spread of new and innovative Internet services such as SIP-based communications, the challenge of protecting and defending these critical applications has been raised. In particular, SIP firewalls attempt to filter the signaling unwanted activities and attacks based on the knowledge of the SIP protocol. Optimizing the SIP firewall configuration at real-time by selecting the best filtering rules is problematic because it depends on both natures of the legal traffic and the unwanted activities. More precisely, we do not know exactly how the unwanted activities are reflected in the SIP messages and in what they differ from the legal ones. In this paper, we address the case of Spam over Internet Telephony (SPIT) mitigation. We propose an adaptive solution based on extracting signatures from learnt decision trees. Our simulations show that quickly learning the optimal configuration for a SIP firewall leads to reduce at lowest the unsolicited calls as reported by the users under protection. Our results promote the application of machine learning algorithms for supporting network and service resilience against such new challenges.
Fonds de la Recherche Scientifique (Communauté française de Belgique) - F.R.S.-FNRS ; Union Européenne = European Union - UE = EU ; INRIA