Novel approach for IP-PBX denial of service intrusion detection using support vector machine algorithm

Jama, Abdirisaq M. and Khalifa, Othman Omran and Subramaniam, Nantha Kumar (2021) Novel approach for IP-PBX denial of service intrusion detection using support vector machine algorithm. International Journal of Communication Networks and Information Security, 13 (2). pp. 249-257. E-ISSN 2073-607X

	PDF - Published Version Restricted to Registered users only Download (325kB) \| Request a copy
	PDF (SCOPUS) - Supplemental Material Restricted to Registered users only Download (246kB) \| Request a copy

Official URL: https://www.ijcnis.org/index.php/ijcnis/article/vi...

Abstract

Recent trends have revealed that SIP based IP-PBX DoS attacks contribute to most overall IP-PBX attacks which is resulting in loss of revenues and quality of service in telecommunication providers. IP-PBX face challenges in detecting and mitigating malicious traffic. In this research, Support Vector Machine (SVM) machine learning detection & prevention algorithm were developed to detect this type of attacks Two other techniques were benchmarked decision tree and Naïve Bayes. The training phase of the machine learning algorithm used proposed real-time training datasets benchmarked with two training datasets from CICIDS and NSL-KDD. Proposed real-time training dataset for SVM algorithm achieved highest detection rate of 99.13% while decision tree and Naïve Bayes has 93.28% & 86.41% of attack detection rate, respectively. For CICIDS dataset, SVM algorithm achieved highest detection rate of 76.47% while decision tree and Naïve Bayes has 63.71% & 41.58% of detection rate, respectively. Using NSL-KDD training dataset, SVM achieved 65.17%, while decision tree and Naïve Bayes has 51.96% & 38.26% of detection rate, respectively. The time taken by the algorithms to classify the attack is very important. SVM gives less time (2.9 minutes) for detecting attacks while decision tree and naïve Bayes gives 13.6 minutes 26.2 minutes, respectively. Proposed SVM algorithm achieved the lowest false negative value of (87 messages) while decision table and Naïve Bayes achieved false negative messages of 672 and 1359, respectively

Item Type:	Article (Journal)
Additional Information:	91807/4119
Uncontrolled Keywords:	Voice over IP; Session Initiation Protocol; Attack; Security; Denial of Service, Support Vector Machine.
Subjects:	T Technology > T Technology (General) T Technology > T Technology (General) > T10.5 Communication of technical information
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button):	Kulliyyah of Engineering Kulliyyah of Engineering > Department of Electrical and Computer Engineering Kulliyyah of Medicine > Department of Community Health & Family Medicine
Depositing User:	Prof. Dr Othman O. Khalifa
Date Deposited:	30 Aug 2021 09:40
Last Modified:	28 Sep 2021 11:09
URI:	http://irep.iium.edu.my/id/eprint/91807

Actions (login required)

View Item

Download Statistics

Downloads

Downloads per month over past year