Research And Implementation Of SIP Semantic Malformation Detection System

Posted on:2017-05-22

Degree:Master

Type:Thesis

Country:China

Candidate:B R Fu

Full Text:PDF

GTID:2348330518995531

Subject:Computer Science and Technology

Abstract/Summary:

PDF Full Text Request

SIP is a multimedia protocol in network application layer.SIP protocol is simple to understand and easy to expand,it has been widely applied to VoIP and multimedia conference.When IETF designed SIP protocol,the main consideration is the easiness,so the open and flexible structure of SIP protocol results in lots of security problems,which has been focused by academic and industrial areas.Now there are two major detection technologies for malformed SIP message:feature detection technology and anomaly detection technology.Feature detection technology sets syntax detection rules according to the RFC 3261,but can not effectively detect SIP semantic malformation;anomaly detection technology does not understand the SIP syntax or semantics,and a pre-trained classifier is used for SIP data packet classification,its accuracy dependents on the pre-trained samples.Now the detection of malformed SIP mainly focuses on the syntax level,and semantic malformation is not paid enough attention.In order to solve the deficiency of feature detection and anomaly detection,this paper introduces a converged design of two methods for SIP semantic detection.First,feature detection is used for syntax and semantics detection,the message length is first detected and then the extraction of header fields.Detection rules based on RFC 3261 and RFC 4475 summarize the typical characteristics of the syntax and semantics SIP malformation.For other unknown malformation and those which are not easily represented by rules,this paper uses a pre-trained classifier to detect malformation.In the training phase,a large number of labeled SIP messages are converted into labeled vector by n-gram method to train the classifier parameters.In the detection phase,similarly,tests vectors are loaded to the classifier as input.Anomaly detection technology does not need to understand the SIP syntax or semantic,and with a well pre-trained classifier,the module can get a high detection accuracy.Based on the above methods,in the simulation test,it is proved that the semantic SIP malformation detection system has a high detection accuracy.

Keywords/Search Tags:

SIP, malformation detection, n-gram, SVM classifier

PDF Full Text Request

Related items

1	The Research On Web Page Malicious Code Detection Based On Classifier Ensemble
2	An N-gram enhanced learning classifier for Chinese character recognition
3	Research And Improvement On Na(?)ve Bayes Test Classifier
4	Research Of Souce Code Plagiarism Detection Method Based On N-gram
5	Design And Implementation Of HTTP Traffic Detection Platform Based On Spark And N-gram
6	Study On SQL Injection Detection Based On N-Gram
7	Based On The Volume Characteristics Of Human Motion Detection
8	Research On Malicious PDF Document Static Detection Technology Based On Improved N-gram
9	Research And Development Of Malicious Code Detection System Based On N-GRAM
10	Fast Face Detection System Design And Implementation