Detection of Abnormal SIP Signaling Patterns: A Deep Learning Comparison

Pereira, Diogo; Oliveira, Rodolfo

doi:10.3390/computers11020027

Cited by 5 publications

(3 citation statements)

References 21 publications

(36 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They compared their methods to a probabilistic-based solution and found that their methods achieved higher detection scores in a shorter time. Extension [16] have been proposed for signaling SIP attacks based on Convolutional Neural Networks (CNN) architecture. The performance evaluation demonstrates that both the CNN and LSTM models achieve similar effectiveness in detecting the most probable SIP dialog identifier.…”

Section: Sip Anomalies Detectionmentioning

confidence: 99%

See 1 more Smart Citation

SIP-DDoS: SIP Framework for DDoS Intrusion Detection Based on Recurrent Neural Networks

Sbai,

Allaert,

Sondi

et al. 2024

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The rapid evolution of beyond fifth-generation (B5G) and sixth-generation (6G) networks has significantly driven the growth of Internet of Things (IoT) applications. These applications are characterised by: a massive connectivity, high security level, trust, wireless coverage, also ultra-low latency, high throughput, and ultra-reliability, especially for real-time oriented sessions or sensor like cameras. While traditional protocols like MQTT and CoAP are inadequate for such types of applications, under certain conditions, the 3GPP standard Session Initiation Protocol (SIP) emerges as a promising solution. However, SIP faces various Distributed Denial of Service (DDoS) threats, as INVITE flooding attacks presenting a significant challenge. This work presents a GRUbased Intrusion Detection System (IDS) to detect SIP-INVITE flooding attacks. Leveraging recurrent neural networks, the IDS efficiently process sequential SIP traffic data in real time, identifying attack patterns effectively. The GRU's ability to capture temporal dependencies enhances accuracy in classifying and detecting attack behaviors. The results demonstrate that the framework can effectively detect and mitigate INVITE flooding attacks of different intensities, under practical settings. The performance results show that the proposed framework is robust and can be practically deployed, e.g., inference time less than 800 µs and a marginal rate for the misclassified traffic.

show abstract

Section: Sip Anomalies Detectionmentioning

confidence: 99%

“…In this paper, we propose a comprehensive framework specifically designed to detect SIP INVITE flooding attacks. Recent approaches to detecting SIP-DDoS attacks focus mainly on analyzing the content of SIP messages or the entire SIP dialog [14,16]. However, these works have not been studied to analyze SIP traffic in time intervals.…”

Section: Introductionmentioning

confidence: 99%

SIP-DDoS: SIP Framework for DDoS Intrusion Detection Based on Recurrent Neural Networks

Sbai,

Allaert,

Sondi

et al. 2024

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Oliveira et al [17] proposed a framework to detect malicious SIP calls. The first stage of this framework was built using a deep Convolution Neural Network (CNN) [18].…”

Section: Related Workmentioning

confidence: 99%

Detecting SPIT Attacks in VoIP Networks Using Convolutional Autoencoders: A Deep Learning Approach

Nazih,

Alnowaiser,

Eldesouky

et al. 2023

Applied Sciences

View full text Add to dashboard Cite

Voice over Internet Protocol (VoIP) is a technology that enables voice communication to be transmitted over the Internet, transforming communication in both personal and business contexts by offering several benefits such as cost savings and integration with other communication systems. However, VoIP attacks are a growing concern for organizations that rely on this technology for communication. Spam over Internet Telephony (SPIT) is a type of VoIP attack that involves unwanted calls or messages, which can be both annoying and pose security risks to users. Detecting SPIT can be challenging since it is often delivered from anonymous VoIP accounts or spoofed phone numbers. This paper suggests an anomaly detection model that utilizes a deep convolutional autoencoder to identify SPIT attacks. The model is trained on a dataset of normal traffic and then encodes new traffic into a lower-dimensional latent representation. If the network traffic varies significantly from the encoded normal traffic, the model flags it as anomalous. Additionally, the model was tested on two datasets and achieved F1 scores of 99.32% and 99.56%. Furthermore, the proposed model was compared to several traditional anomaly detection approaches and it outperformed them on both datasets.

show abstract

A hybrid deep learning model for detecting DDoS flooding attacks in SIP-based systems

Younes

2024

Computer Networks

View full text Add to dashboard Cite

Detection of Abnormal SIP Signaling Patterns: A Deep Learning Comparison

Cited by 5 publications

References 21 publications

SIP-DDoS: SIP Framework for DDoS Intrusion Detection Based on Recurrent Neural Networks

SIP-DDoS: SIP Framework for DDoS Intrusion Detection Based on Recurrent Neural Networks

Detecting SPIT Attacks in VoIP Networks Using Convolutional Autoencoders: A Deep Learning Approach

A hybrid deep learning model for detecting DDoS flooding attacks in SIP-based systems

Contact Info

Product

Resources

About