A message level SIP anomaly detection architecture that analyses SIP messages to classify them as “good” or “bad” depending on their structure and content is proposed in [1, 2]. Though these papers contain a detailed discussion on the motivation of the work and development of the architecture, technical details of the system architecture are discussed very briefly. This report fills that gap and contains discussions of several technical aspects, such as, feature selection and dataset preparation, which are fundamental for the efficient and precise classification. It also includes download links of our developed applications and sample data, which are freely available for the community. Moreover, guidelines to configure the application and to perform experiments with the developed applications are included.
|Titolo:||Message Level SIP Anomaly Detection: Configuration and Measures Setup|
|Autori:||Ferdous, Raihana; Lo Cigno, Renato Antonio; Zorat, Alessandro|
|Luogo di edizione:||Trento|
|Casa editrice:||University of Trento|
|Anno di pubblicazione:||2015|
|Appare nelle tipologie:||07.1 Rapporto di ricerca (Project Report)|