Performance analysis of VoIP spoofing attacks using classification algorithms

Voice over Internet Protocol (VoIP) is an emerging trend of applications on the internet today. As with any recent technology, VoIP also introduces both fortuity and problems. Existing VoIP honeypot experimental set ups based on SIP (Session Initiation Protocol) deals with the basic attacks like DoS (Denial of Service), enumeration detection, signature collection and SPIT (Spam over Internet Telephony). These VoIP service abuse attacks cause discrepancy between the services offered to the VoIP users and service providers. We executed successive attempts with different sets of attributes and sample subsets to collect exact traffic records used for detecting and categorizing the attack packets using honeypot. Finally, a comparison of both the algorithms with its true and false positive rates is evaluated. For result analysis, we propose a test-bed using Zoiper (SIP clients), Asterisk server, Artemisa honeypot and Wireshark as network analyzer. The test-bed demonstrates how the honeypot effectively works in improvising the robustness of the VoIP security system from billing attacks and toll frauds.