
Submission: Machine Learning For Detection of Anomalous SIP

sylverboss writes: SIP DDoS attacks are becoming more widespread than ever (especially the ones originating from China), which can trigger 100s of SIP messages per sec and a large volume of traffic. Snort and IPTABLES are good tools to alert and mitigate such attacks but become limited when new attacks are launched. By the time the attack is stopped, the damage is done. In this paper, Konrad R. (who I've contacted) and others describe "A Self-Learning System for Detection of Anomalous SIP Messages". Their approach is interesting but unfortunately the software has been developed for Alcatel/Lucent. So, I wonder if the Slashdot community has implemented efficient ways to mitigate "0-day" type of attacks or, even better, detect anomalies in SIP signaling by just using open source software or very clever iptables rules.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.
