The Session Initiation Protocol (SIP) is one of the most common protocols that are used for signaling function in Voice over IP (VoIP) networks. The SIP protocol is very popular because of its flexibility, simplicity, and easy implementation, so it is a target of many attacks. In this paper, we propose a new system to detect the Denial of Service (DoS) attacks (i.e. malformed message and invite flooding) and Spam over Internet Telephony (SPIT) attack in the SIP based VoIP networks using a linear Support Vector Machine with l1 regularization (i.e. l1-SVM) classifier. In our approach, we project the SIP messages into a very high dimensional space using string based n-gram features. Hence, a linear classifier is trained on the top of these features. Our experimental results show that the proposed system detects malformed message, invite flooding, and SPIT attacks with a high accuracy. In addition, the proposed system outperformed other systems significantly in the detection speed.

中文翻译：

---

使用线性l1-SVM分类器有效检测基于SIP的VoIP网络中的攻击

会话发起协议（SIP）是最常用的协议之一，用于IP语音（VoIP）网络中的信令功能。SIP协议因其灵活性，简单性和易于实现而非常受欢迎，因此它是许多攻击的目标。在本文中，我们提出了一种新的系统，该系统使用线性支持向量机（l1）在基于SIP的VoIP网络中检测拒绝服务（DoS）攻击（即格式错误的消息和邀请泛洪）和Internet电话垃圾邮件（SPIT）攻击正则化（即l1-SVM）分类器。在我们的方法中，我们使用基于字符串的n-gram特征将SIP消息投影到一个高维空间中。因此，在这些功能之上训练线性分类器。我们的实验结果表明，所提出的系统能够检测出格式错误的邮件，邀请泛洪，和SPIT攻击具有很高的准确性。另外，所提出的系统在检测速度上明显优于其他系统。