EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Improving Anomaly Detection for Text-Based Protocols by Exploiting Message Structures

Martin Güthle, Jochen Kögel, Stefan Wahl, Matthias Kaschub and Christian M. Mueller
Additional contact information
Martin Güthle: Institute of Communication Networks and Computer Engineering (IKR), University of Stuttgart, Germany
Jochen Kögel: Institute of Communication Networks and Computer Engineering (IKR), University of Stuttgart, Germany
Stefan Wahl: Bell-Labs Germany, Alcatel-Lucent Deutschland AG, Stuttgart, Germany
Matthias Kaschub: Institute of Communication Networks and Computer Engineering (IKR), University of Stuttgart, Germany
Christian M. Mueller: Institute of Communication Networks and Computer Engineering (IKR), University of Stuttgart, Germany

Future Internet, 2010, vol. 2, issue 4, 1-8

Abstract: Service platforms using text-based protocols need to be protected against attacks. Machine-learning algorithms with pattern matching can be used to detect even previously unknown attacks. In this paper, we present an extension to known Support Vector Machine (SVM) based anomaly detection algorithms for the Session Initiation Protocol (SIP). Our contribution is to extend the amount of different features used for classification (feature space) by exploiting the structure of SIP messages, which reduces the false positive rate. Additionally, we show how combining our approach with attribute reduction significantly improves throughput.

Keywords: anomaly detection; classification; text-based protocols; SIP; SVM (search for similar items in EconPapers)
JEL-codes: O3 (search for similar items in EconPapers)
Date: 2010
References: View complete reference list from CitEc
Citations:

Downloads: (external link)
https://www.mdpi.com/1999-5903/2/4/662/pdf (application/pdf)
https://www.mdpi.com/1999-5903/2/4/662/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:2:y:2010:i:4:p:662-669:d:10655

Access Statistics for this article

Future Internet is currently edited by Ms. Grace You

More articles in Future Internet from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:gam:jftint:v:2:y:2010:i:4:p:662-669:d:10655