Title :
Intrusion detection system for signal based SIP attacks through timed HCPN
Author :
Ding, Yanlan ; Su, Guiping
Author_Institution :
Sch. of Inf. Sci. & Eng., Chinese Acad. of Sci., Beijing
Abstract :
As session initiation protocol is becoming widely used for the current IP telephony services due to its simplicity and powerful functions, vulnerabilities it exposes make it susceptible to various attacks especially signal based SIP-specific attacks. Based on the security issues of SIP, in this paper, we propose the design of an intrusion detection system combined with misuse and anomaly detection for these threats by a feedback mechanism. A timed HCPN model is utilized and suited to drive and simulate the IDS for SIP with four machines. Also some detection solutions for specific attacks are provided like two recall methods for CANCEL attack and so on
Keywords :
Internet telephony; Petri nets; protocols; security of data; telecommunication security; IP telephony; feedback mechanism; hierarchy colored Petri nets; intrusion detection system; security issues; session initiation protocol; signal based SIP attacks; timed HCPN model; Communication system security; Counting circuits; Feedback; Floods; Information science; Intrusion detection; Packaging; Protocols; Signal detection; Telephony;
Conference_Titel :
Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on
Conference_Location :
Vienna
Print_ISBN :
0-7695-2775-2
DOI :
10.1109/ARES.2007.102
