Authors: Mahsa Hosseinpour, Seyed Amin Hosseeini Seno, M. Moghaddam, Hossein Khosravi Roshkhari
Published in: 2016 6th International Conference on Computer and Knowledge Engineering (ICCKE)
Publication date: 2016-10-20
DOI: 10.1109/ICCKE.2016.7802152 (https://doi.org/10.1109/ICCKE.2016.7802152)
Citation count: 3
Source: Semanticscholar
Modeling SIP normal traffic to detect and prevent SIP-VoIP flooding attacks using fuzzy logic
As Voice over Internet Protocol (VoIP), or internet telephony, has become popular, it has faced more security threats than the traditional Public Switched Telephone Network (PSTN). The use of IP-based infrastructures such as the public internet, and of signaling protocols such as the Session Initiation Protocol (SIP), has exposed this technology to various kinds of attacks. Denial of Service (DoS) attacks caused by flooding different kinds of SIP messages are among the most well-known of these attacks. In this paper, a new anomaly-based method for detecting and preventing different kinds of flooding attacks using SIP normal traffic modeling is proposed. To reach this goal, SIP specifications are modeled and the required parameters are extracted with the help of a finite-state machine (FSM) for use in fuzzy systems. The results of the fuzzy systems put the proposed method in a predefined state. For prevention, a filtering-based method using a whitelist is provided. Implementation results show that the proposed method detects the mentioned attacks more accurately than similar methods.