{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00100908","sets":["5471:7431:7566"]},"path":["7566"],"owner":"11","recid":"100908","title":["SIP Flooding Attack Detection Using a Trust Model and Statistical Algorithms"],"pubdate":{"attribute_name":"公開日","attribute_value":"2014-04-15"},"_buckets":{"deposit":"6d1eb574-4bbf-467c-b350-33e0ba6441ed"},"_deposit":{"id":"100908","pid":{"type":"depid","value":"100908","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"SIP Flooding Attack Detection Using a Trust Model and Statistical Algorithms","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"SIP Flooding Attack Detection Using a Trust Model and Statistical Algorithms"},{"subitem_title":"SIP Flooding Attack Detection Using a Trust Model and Statistical Algorithms","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[Special Issue on Network Services and Distributed Processing] IMS, security, flooding attack, statistical analysis, trust","subitem_subject_scheme":"Other"}]},"item_type_id":"5","publish_date":"2014-04-15","item_5_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"Nara Institute of Science and Technology"},{"subitem_text_value":"Nara Institute of Science and Technology"},{"subitem_text_value":"Nara Institute of Science and Technology"},{"subitem_text_value":"Nara Institute of Science and Technology"}]},"item_5_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Nara Institute of Science and Technology","subitem_text_language":"en"},{"subitem_text_value":"Nara Institute of Science and Technology","subitem_text_language":"en"},{"subitem_text_value":"Nara Institute of Science and Technology","subitem_text_language":"en"},{"subitem_text_value":"Nara Institute of Science and Technology","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"eng"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/100908/files/IPSJ-JIP2202004.pdf"},"date":[{"dateType":"Available","dateValue":"2016-04-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JIP2202004.pdf","filesize":[{"value":"1.2 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"5"},{"tax":["include_tax"],"price":"0","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"06bb40e5-d9c7-49f3-85fc-ba236d2029a8","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2014 by the Information Processing Society of Japan"}]},"item_5_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Noppawat, Chaisamran"},{"creatorName":"Takeshi, Okuda"},{"creatorName":"Youki, Kadobayashi"},{"creatorName":"Suguru, Yamaguchi"}],"nameIdentifiers":[{}]}]},"item_5_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Noppawat, Chaisamran","creatorNameLang":"en"},{"creatorName":"Takeshi, Okuda","creatorNameLang":"en"},{"creatorName":"Youki, Kadobayashi","creatorNameLang":"en"},{"creatorName":"Suguru, Yamaguchi","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_5_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA00700121","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_5_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-6652","subitem_source_identifier_type":"ISSN"}]},"item_5_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"The IP Multimedia Subsystem (IMS) has been constantly evolving to meet the tremendous rise in popularity of mobile services and Internet applications. Since IMS uses Session Initiation Protocol as the main protocol to control a signal, it inherits numerous known security vulnerabilities. One of the most severe issues is the Denial of Service attack. To address this problem, we introduce an anomaly-based detection system using the Tanimoto distance to identify deviations in the traffic. A modified moving average is applied to compute an adaptive threshold. To overcome a drawback of the adaptive threshold method, we present a momentum oscillation indicator to detect a gradually increasing attack. Generally, anomaly-based detection systems trigger many alarms and most of them are false positives that impact the quality of the detection. Therefore, we first present a false positive reduction method by using a trust model. A reliable trust value is calculated through the call activities and the human behavior of each user. The system performance is evaluated by using a comprehensive synthetic dataset containing various malicious traffic patterns. The experimental results show that this system accurately identified attacks and has the flexibility to deal with many types of attack patterns with a low false alarm.","subitem_description_type":"Other"}]},"item_5_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"The IP Multimedia Subsystem (IMS) has been constantly evolving to meet the tremendous rise in popularity of mobile services and Internet applications. Since IMS uses Session Initiation Protocol as the main protocol to control a signal, it inherits numerous known security vulnerabilities. One of the most severe issues is the Denial of Service attack. To address this problem, we introduce an anomaly-based detection system using the Tanimoto distance to identify deviations in the traffic. A modified moving average is applied to compute an adaptive threshold. To overcome a drawback of the adaptive threshold method, we present a momentum oscillation indicator to detect a gradually increasing attack. Generally, anomaly-based detection systems trigger many alarms and most of them are false positives that impact the quality of the detection. Therefore, we first present a false positive reduction method by using a trust model. A reliable trust value is calculated through the call activities and the human behavior of each user. The system performance is evaluated by using a comprehensive synthetic dataset containing various malicious traffic patterns. The experimental results show that this system accurately identified attacks and has the flexibility to deal with many types of attack patterns with a low false alarm.","subitem_description_type":"Other"}]},"item_5_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"129","bibliographic_titles":[{"bibliographic_title":"Journal of information processing"}],"bibliographicPageStart":"118","bibliographicIssueDates":{"bibliographicIssueDate":"2014-04-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"22"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":100908,"updated":"2025-01-21T11:30:15.179427+00:00","links":{},"created":"2025-01-18T23:46:36.078565+00:00"}