A framework for SIP intrusion detection and response systems

Authors: Ahmad Akbari, Zoha Asgharian, Bijan Raahemi, Hassan Asgharian
Year of publication: 2011
Subject:
Source: 2011 International Symposium on Computer Networks and Distributed Systems (CNDS).
DOI: 10.1109/cnds.2011.5764552
Description: One of the main goals of moving to Next Generation Networks (NGN) is integrated access to multimedia services like VoIP and IPTV. The primary signaling protocol in these multimedia services is the Session Initiation Protocol (SIP). This protocol, however, is vulnerable to attacks, which may reduce the Quality of Service (QoS), an important feature in NGN services. One of the most frequent attacks is Denial of Service (DoS), which can easily be generated, but its detection is not trivial. In this paper, a framework is proposed to detect Denial of Service attacks and other forms of intrusions, then generate responses accordingly. Our proposed detection engine combines the specification- and anomaly-based intrusion detection techniques. The experimental results demonstrate that the proposed approach can successfully be employed to detect intruders and limit their access. Detection rates and false alarms are reported based on a prepared labeled dataset from the actual test-bed.
Database: OpenAIRE