论文信息 - Comparison of artificial intelligence classifiers for SIP attack data

Comparison of artificial intelligence classifiers for SIP attack data

Honeypot application is a source of valuable data about attacks on the network. We run several SIP honeypots in various computer networks, which are separated geographically and logically. Each honeypot runs on public IP address and uses standard SIP PBX ports. All information gathered via honeypot is periodically sent to the centralized server. This server classifies all attack data by neural network algorithm. The paper describes optimizations of a neural network classifier, which lower the classification error. The article contains the comparison of two neural network algorithm used for the classification of validation data. The first is the original implementation of the neural network described in recent work; the second neural network uses further optimizations like input normalization or cross-entropy cost function. We also use other implementations of neural networks and machine learning classification algorithms. The comparison test their capabilities on validation data to find the optimal classifier. The article result shows promise for further development of an accurate SIP attack classification engine.

Jakub Safarik | Jiri Slachta | J. Safarik | J. Slachta

[1] Miroslav Voznak,et al. Neural network classifier of attacks in IP telephony , 2014, Sensing Technologies + Applications.

[2] Miroslav Voznak,et al. Web-based IP telephony penetration system evaluating level of protection from attacks and threats , 2011 .

[3] Yoshua Bengio,et al. Practical Recommendations for Gradient-Based Training of Deep Architectures , 2012, Neural Networks: Tricks of the Trade.

[4] M. Voznák. SECURITY EVALUATION OF MULTIMEDIA SYSTEMS , 2012 .

[5] Miroslav Voznak,et al. Threats to voice over IP communications systems , 2010 .

[6] Jakub Safarik,et al. VoIP attacks detection engine based on neural network , 2015, Commercial + Scientific Sensing and Imaging.

[7] Miroslav Voznak,et al. SIP Registration Burst Load Test , 2011 .

[8] Charu C. Aggarwal,et al. Neural Networks and Deep Learning , 2018, Springer International Publishing.

[9] Miroslav Voznak,et al. Security analysis system to detect threats on a SIP VoIP infrasctructure elements , 2011 .

[10] Miroslav Voznak. Speech bandwith requirements in IPsec and TLS environment , 2009 .

[11] Miroslav Voznak,et al. Automatic Classification of Attacks on IP Telephony , 2013 .

[12] Miroslav Voznak,et al. SIP proxy robustness against DoS attacks , 2011 .