检测针对SIP实体的鉴权滥用攻击

2013 10th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2013-08-01 DOI:10.1109/ISCISC.2013.6767324

Sajad Pourmohseni, Hassan Asgharian, A. Akbari

{"title":"检测针对SIP实体的鉴权滥用攻击","authors":"Sajad Pourmohseni, Hassan Asgharian, A. Akbari","doi":"10.1109/ISCISC.2013.6767324","DOIUrl":null,"url":null,"abstract":"Nowadays mainstream of evolution towards next generation networks extends SIP application as a simple and efficient protocol for management of multimedia communications. Simplicity of SIP increases security concerns for service providers about various kinds of misuse including Denial of Service (DoS) attacks. The target of DoS attacks in SIP can be bandwidth, memory or CPU. In this paper we proposed a user profile based anomaly detection method to identify CPU-based DOS attacks that misuse authentication mechanism of SIP. We validated and evaluated our proposed solution in real test-bed based on the well-known open-source tools. The simulation results report the effectiveness of our approach in detection of this specific type of attacks.","PeriodicalId":265985,"journal":{"name":"2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Detecting authentication misuse attacks against SIP entities\",\"authors\":\"Sajad Pourmohseni, Hassan Asgharian, A. Akbari\",\"doi\":\"10.1109/ISCISC.2013.6767324\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Nowadays mainstream of evolution towards next generation networks extends SIP application as a simple and efficient protocol for management of multimedia communications. Simplicity of SIP increases security concerns for service providers about various kinds of misuse including Denial of Service (DoS) attacks. The target of DoS attacks in SIP can be bandwidth, memory or CPU. In this paper we proposed a user profile based anomaly detection method to identify CPU-based DOS attacks that misuse authentication mechanism of SIP. We validated and evaluated our proposed solution in real test-bed based on the well-known open-source tools. The simulation results report the effectiveness of our approach in detection of this specific type of attacks.\",\"PeriodicalId\":265985,\"journal\":{\"name\":\"2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)\",\"volume\":\"52 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCISC.2013.6767324\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCISC.2013.6767324","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

SIP作为一种简单高效的多媒体通信管理协议，是当前面向下一代网络演进的主流。SIP的简单性增加了服务提供者对各种滥用(包括拒绝服务攻击)的安全关注。SIP协议中DoS攻击的目标可以是带宽、内存或CPU。本文提出了一种基于用户配置文件的异常检测方法，用于识别滥用SIP认证机制的基于cpu的DOS攻击。基于知名的开源工具，我们在真实的测试平台上验证和评估了我们提出的解决方案。仿真结果报告了我们的方法在检测这种特定类型的攻击方面的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Detecting authentication misuse attacks against SIP entities

Nowadays mainstream of evolution towards next generation networks extends SIP application as a simple and efficient protocol for management of multimedia communications. Simplicity of SIP increases security concerns for service providers about various kinds of misuse including Denial of Service (DoS) attacks. The target of DoS attacks in SIP can be bandwidth, memory or CPU. In this paper we proposed a user profile based anomaly detection method to identify CPU-based DOS attacks that misuse authentication mechanism of SIP. We validated and evaluated our proposed solution in real test-bed based on the well-known open-source tools. The simulation results report the effectiveness of our approach in detection of this specific type of attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)

自引率

0.00%

发文量