1. Detection of SIP-Based Denial of Service Attack Using Dual Cost Formulation of Support Vector Machine.
- Author
-
POUGAJENDY, JAYASHREE and PARTHIBAN, ARUN RAJ KUMAR
- Subjects
- *
SESSION Initiation Protocol (Computer network protocol) , *SUPPORT vector machines , *DENIAL of service attacks , *LABORATORIES , *ALGORITHMS - Abstract
The stateful property of Session Initiation Protocol (SIP) is exploited to cause a massive disruption to the SIP service. Existing SIP-Denial of Service defense mechanisms fail to detect low-rate floods, and consume higher detection time. We have generated SIP traffic in our laboratory and the performance of the classifiers was empirically evaluated. From the experimental results, it is evident that Support Vector Machine (SVM) performed fairly well compared to the other classifiers, but resulted in some false positives and false negatives. Our proposed SVMBoost algorithm which uses the dual cost formulation of SVM and Neyman–Pearson approach was experimented on both high-rate and low-rate message flooding data sets. SVMBoost classification algorithm achieves high detection accuracy of 99.9% with 0% false positive rate and with 0.27% false negative rate. SVMBoost outperforms the existing algorithms with a maximum gain of 35.97% and a minimum gain of 0.28% in high-rate flooding detection and with a gain of 4.45% in low-rate flooding detection. [ABSTRACT FROM AUTHOR]
- Published
- 2017
- Full Text
- View/download PDF