Cart (Loading....) | Create Account
Close category search window

Intrusion Detection System for IP Multimedia Subsystem using K-Nearest Neighbor classifier

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Farooqi, A.H. ; Dept. of Comput. Sci., Nat. Univ. of Comput. & Emerging Sci., Islamabad ; Munir, A.

IP multimedia subsystem (IMS) is a new next generation networking architecture that will provide better quality of service, charging infrastructure and security. The basic idea behind IMS is convergence; providing a single interface to different traditional or modern networking architectures allowing better working environment for the end users. IMS is still not commercially adopted and used but research is in progress to explore it. IMS is an IP based overlay next generation network architecture. It inherent number of security threats of session initiation protocol (SIP), TCP, UDP etc as it uses SIP and IP protocols. Some of them can degrade the performance of IMS seriously and may cause DoS or DDoS attacks. The paper presents a new approach keeping a vision of secure IMS based on intrusion detection system (IDS) using k-nearest neighbor (KNN) as classifier. The KNN classifier can effectively detect intrusive attacks and achieve a low false positive rate. It can distinguish between the normal behavior of the system or abnormal. In this paper, we have focused on the key element of IMS core known as proxy call session control function (PCSCF). Network based anomaly detection mechanism is proposed using KNN as anomaly detector. Experiments are performed on OpenIMS core and the result shows that IMS is vulnerable to different types of attacks such as UDP flooding, IP spoofing that can cause DoS. KNN classifier effectively distinguishes the behavior of the system as normal or intrusive and achieve low false positive rate.

Published in:

Multitopic Conference, 2008. INMIC 2008. IEEE International

Date of Conference:

23-24 Dec. 2008

Need Help?

IEEE Advancing Technology for Humanity About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2014 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.