Securing SIP-based VoIP infrastructure against flooding attacks and Spam Over IP Telephony

Muhammad Ali Akbar; Muddassar Farooq

首页> 外文期刊>Knowledge and information systems >Securing SIP-based VoIP infrastructure against flooding attacks and Spam Over IP Telephony

【24h】

Securing SIP-based VoIP infrastructure against flooding attacks and Spam Over IP Telephony

机译：确保基于SIP的VoIP基础架构免受洪水攻击和IP电话上的垃圾邮件

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Security of session initiation protocol (SIP) servers is a serious concern of Voice over Internet (VoIP) vendors. The important contribution of our paper is an accurate and real-time attack classification system that detects: (1) application layer SIP flood attacks that result in denial of service (DoS) and distributed DoS attacks, and (2) Spam over Internet Telephony (SPIT). The major advantage of our framework over existing schemes is that it performs packet-based analysis using a set of spatial and temporal features. As a result, we do not need to transform network packet streams into traffic flows and thus save significant processing and memory overheads associated with the flow-based analysis. We evaluate our framework on a real-world SIP traffic-collected from the SIP server of a VoIP vendor-by injecting a number of application layer anomalies in it. The results of our experiments show that our proposed framework achieves significantly greater detection accuracy compared with existing state-of-the-art flooding and SPIT detection schemes.

机译：会话发起协议（SIP）服务器的安全性是Internet语音（VoIP）供应商的严重关注。本文的重要贡献是一种准确，实时的攻击分类系统，它可以检测：（1）导致拒绝服务（DoS）和分布式DoS攻击的应用层SIP Flood攻击，以及（2）Internet电话上的垃圾邮件（吐）。与现有方案相比，我们的框架的主要优势在于它使用一组空间和时间特征来执行基于数据包的分析。结果，我们不需要将网络数据包流转换为业务流，从而节省了与基于流的分析相关的大量处理和内存开销。我们通过从VoIP供应商的SIP服务器收集的真实SIP流量评估我们的框架，方法是在其中注入许多应用程序层异常。实验结果表明，与现有的最新泛洪和SPIT检测方案相比，我们提出的框架可实现更高的检测精度。

著录项

来源
《Knowledge and information systems》 |2014年第2期|共20页
作者
Muhammad Ali Akbar; Muddassar Farooq;
展开▼
作者单位

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类自动化系统理论;
关键词
SIP; Intrusion detection; VoIP security; SPAM Over; IP Telephony; Denial of service;

机译：SIP;入侵检测;VoIP安全性;SPAM over;IP电话;拒绝服务;

相似文献

外文文献
中文文献
专利

1. Securing SIP-based VoIP infrastructure against flooding attacks and Spam Over IP Telephony [J] . Muhammad Ali Akbar, Muddassar Farooq Knowledge and information systems . 2014,第2期

机译：确保基于SIP的VoIP基础架构免受洪水攻击和IP电话上的垃圾邮件
2. SPIDER: A platform for managing SIP-based Spam over Internet Telephony (SPIT) [J] . Dimitris Gritzalis, Giannis Marias, Yacine Rebahi, Journal of computer security . 2011,第5期

机译：SPIDER：一个用于通过Internet电话（SPIT）管理基于SIP的垃圾邮件的平台
3. Billing Attacks on SIP-Based VoIP Systems [J] . Inside R & D . 2008,第16期

机译：基于SIP的VoIP系统的计费攻击
4. Thwarting Spam over Internet Telephony (SPIT) attacks on VoIP networks [C] . Sengar Hemant, Wang Xinyuan, Nichols Art 2011 IEEE Nineteenth International Workshop on Quality of Service . 2011

机译：阻止VoIP网络上的Internet电话垃圾邮件（SPIT）攻击
5. Denial of Service Intrusion Detection System for SIP-based VoIP. [D] . Wright, Kwame-Lante. 2011

机译：基于SIP的VoIP的拒绝服务入侵检测系统。
6. Countering DDoS Attacks in SIP Based VoIP Networks Using Recurrent Neural Networks [O] . Waleed Nazih, Yasser Hifny, Wail S. Elkilani, 2020

机译：使用经常性神经网络对基于SIP的VoIP网络进行反击DDOS攻击
7. Security of VoIP : Analysis, Testing and Mitigation of SIP-based DDoS attacks on VoIP Networks [O] . Deng Xianglin 2008

机译：VoIP的安全性：VoIP网络上基于SIP的DDoS攻击的分析，测试和缓解

Securing SIP-based VoIP infrastructure against flooding attacks and Spam Over IP Telephony

摘要

著录项

相似文献

相关主题

期刊订阅