Title :
A novel method for detecting attacks towards the SIP protocol
Author :
Callegari, Christian ; Garroppo, Rosario G. ; Giordano, Stefano ; Pagano, Michele ; Russo, Franco
Author_Institution :
Dept. of Inf. Eng., Univ. of Pisa, Pisa, Italy
Abstract :
In the last few years the number and impact of security attacks over the Internet, and in particular against VoIP, have been continuously increasing. To face this issue, the use of intrusion detection systems (IDSs) has emerged as a key element in network and application security. In this paper we address the problem considering a novel statistical technique for detecting attacks towards the SIP protocol. Our approach is based on the use of Markovian models (namely high order Markov chains) for modelling SIP signalling traffic. In particular our work focuses on detection of three kinds of attacks: VoIP fuzzing, flood based denial of service, and signalling manipulation. The performance results shown in the paper, justify the proposed method and highlight the improvements over commonly used statistical techniques.
Keywords :
Internet telephony; security of data; signalling protocols; telecommunication security; Internet; Markovian models; SIP protocol; SIP signalling traffic; VoIP; VoIP fuzzing attack; application security; attack detection; flood based denial of service; high order Markov chains; intrusion detection systems; security attacks; signalling manipulation; Computer bugs; Electronic mail; Explosives; Floods; Information security; Internet; Intrusion detection; Protocols; Telecommunication traffic; Traffic control;
Conference_Titel :
Performance Evaluation of Computer & Telecommunication Systems, 2009. SPECTS 2009. International Symposium on
Conference_Location :
Istanbul
Print_ISBN :
978-1-4244-4165-5
Electronic_ISBN :
978-1-56555-328-6
