A signature database for Intrusion Detection Systems targeting Voice over Internet Protocol environments

Author

Barry, Bazara I A ; Chan, H. Anthony

Author_Institution

Dept. of Electr. Eng., Univ. of Cape Town, Cape Town

fYear

2008

fDate

16-19 Nov. 2008

Firstpage

1

Lastpage

8

Abstract

The unique features of voice over Internet protocol (VoIP) systems introduce various security challenges which entail novel detection approaches. Signature-based detection approaches have been lacking the necessary flexibility to model attacks semantically and to thwart obfuscation. In this paper, we demonstrate the design and implementation of a signature database that complements a specification-based detection module in an intrusion detection system (IDS) that targets VoIP environments. Our design models attacks at the session higher level and provides an effective solution against obfuscation attempts. The hit rate and performance evaluation figures shown by the database attest the quality of the design.

Keywords

Internet telephony; digital signatures; telecommunication security; transport protocols; VoIP system; intrusion detection system; network attack detection; obfuscation thwarting; signature database; specification-based detection module; voice-over-Internet protocol environment; Africa; Cities and towns; Computer crime; Data security; Internet telephony; Intrusion detection; Payloads; Performance analysis; Spatial databases; Transport protocols;

fLanguage

English

Publisher

ieee

Conference_Titel

Military Communications Conference, 2008. MILCOM 2008. IEEE

Conference_Location

San Diego, CA

Print_ISBN

978-1-4244-2676-8

Electronic_ISBN

978-1-4244-2677-5

Type

conf

DOI

10.1109/MILCOM.2008.4753179

Filename

4753179