{"title":"检测SIP系统的DoS攻击","authors":"Eric Y. Chen","doi":"10.1109/VOIPMS.2006.1638123","DOIUrl":null,"url":null,"abstract":"As VoIP technology becomes more widely deployed due to its economical advantage over traditional PSTN services, VoIP servers and clients will become attractive targets of denial of service (DoS) attacks. This paper proposes a method to detect DoS attacks that involve flooding SIP entities with illegitimate SIP messages. We modify the original finite-state machines for SIP transactions in such a way that transaction anomalies can be detected in a stateful manner. We also propose to use four threshold parameters to confirm an attack.","PeriodicalId":374092,"journal":{"name":"1st IEEE Workshop on VoIP Management and Security, 2006.","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"114","resultStr":"{\"title\":\"Detecting DoS attacks on SIP systems\",\"authors\":\"Eric Y. Chen\",\"doi\":\"10.1109/VOIPMS.2006.1638123\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As VoIP technology becomes more widely deployed due to its economical advantage over traditional PSTN services, VoIP servers and clients will become attractive targets of denial of service (DoS) attacks. This paper proposes a method to detect DoS attacks that involve flooding SIP entities with illegitimate SIP messages. We modify the original finite-state machines for SIP transactions in such a way that transaction anomalies can be detected in a stateful manner. We also propose to use four threshold parameters to confirm an attack.\",\"PeriodicalId\":374092,\"journal\":{\"name\":\"1st IEEE Workshop on VoIP Management and Security, 2006.\",\"volume\":\"21 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-04-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"114\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"1st IEEE Workshop on VoIP Management and Security, 2006.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/VOIPMS.2006.1638123\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"1st IEEE Workshop on VoIP Management and Security, 2006.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/VOIPMS.2006.1638123","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
As VoIP technology becomes more widely deployed due to its economical advantage over traditional PSTN services, VoIP servers and clients will become attractive targets of denial of service (DoS) attacks. This paper proposes a method to detect DoS attacks that involve flooding SIP entities with illegitimate SIP messages. We modify the original finite-state machines for SIP transactions in such a way that transaction anomalies can be detected in a stateful manner. We also propose to use four threshold parameters to confirm an attack.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
