Title :
VoIP Intrusion Detection Through Interacting Protocol State Machines
Author :
Sengar, Hemant ; Wijesekera, Duminda ; Wang, Haining ; Jajodia, Sushil
Author_Institution :
Center for Secure Inf. Syst., George Mason Univ., Fairfax, VA
Abstract :
Being a fast-growing Internet application, voice over Internet protocol (VoIP) shares the network resources with the regular Internet traffic, and is susceptible to the existing security holes of the Internet. Moreover, given that voice communication is time sensitive and uses a suite of interacting protocols, VoIP exposes new forms of vulnerabilities to malicious attacks. In this paper, we propose a highly-needed VoIP intrusion detection system. Our approach is novel in that, it utilizes not only the state machines of network protocols but also the interaction among them for intrusion detection. This detection approach is particularly suited for protecting VoIP applications, in which a melange of protocols are involved to provide IP telephony services. Based on tracking deviations from interacting protocol state machines, our solution shows promising detection characteristics and low runtime impact on the perceived quality of voice streams
Keywords :
Internet telephony; computer crime; finite state machines; telecommunication security; telecommunication traffic; transport protocols; IP telephony services; Internet traffic; VoIP intrusion detection; interacting protocol state machines; malicious attacks; voice over Internet protocol; Application software; Computer science; Educational institutions; IP networks; Information systems; Internet telephony; Intrusion detection; Monitoring; Telecommunication traffic; Transport protocols;
Conference_Titel :
Dependable Systems and Networks, 2006. DSN 2006. International Conference on
Conference_Location :
Philadelphia, PA
Print_ISBN :
0-7695-2607-1
DOI :
10.1109/DSN.2006.73
