Hemant Sengar, D. Wijesekera, Haining Wang, S. Jajodia
{"title":"基于交互协议状态机的VoIP入侵检测","authors":"Hemant Sengar, D. Wijesekera, Haining Wang, S. Jajodia","doi":"10.1109/DSN.2006.73","DOIUrl":null,"url":null,"abstract":"Being a fast-growing Internet application, voice over Internet protocol (VoIP) shares the network resources with the regular Internet traffic, and is susceptible to the existing security holes of the Internet. Moreover, given that voice communication is time sensitive and uses a suite of interacting protocols, VoIP exposes new forms of vulnerabilities to malicious attacks. In this paper, we propose a highly-needed VoIP intrusion detection system. Our approach is novel in that, it utilizes not only the state machines of network protocols but also the interaction among them for intrusion detection. This detection approach is particularly suited for protecting VoIP applications, in which a melange of protocols are involved to provide IP telephony services. Based on tracking deviations from interacting protocol state machines, our solution shows promising detection characteristics and low runtime impact on the perceived quality of voice streams","PeriodicalId":228470,"journal":{"name":"International Conference on Dependable Systems and Networks (DSN'06)","volume":"186 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"128","resultStr":"{\"title\":\"VoIP Intrusion Detection Through Interacting Protocol State Machines\",\"authors\":\"Hemant Sengar, D. Wijesekera, Haining Wang, S. Jajodia\",\"doi\":\"10.1109/DSN.2006.73\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Being a fast-growing Internet application, voice over Internet protocol (VoIP) shares the network resources with the regular Internet traffic, and is susceptible to the existing security holes of the Internet. Moreover, given that voice communication is time sensitive and uses a suite of interacting protocols, VoIP exposes new forms of vulnerabilities to malicious attacks. In this paper, we propose a highly-needed VoIP intrusion detection system. Our approach is novel in that, it utilizes not only the state machines of network protocols but also the interaction among them for intrusion detection. This detection approach is particularly suited for protecting VoIP applications, in which a melange of protocols are involved to provide IP telephony services. Based on tracking deviations from interacting protocol state machines, our solution shows promising detection characteristics and low runtime impact on the perceived quality of voice streams\",\"PeriodicalId\":228470,\"journal\":{\"name\":\"International Conference on Dependable Systems and Networks (DSN'06)\",\"volume\":\"186 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-06-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"128\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Dependable Systems and Networks (DSN'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSN.2006.73\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Dependable Systems and Networks (DSN'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN.2006.73","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 128
摘要
VoIP (voice over Internet protocol)是一种快速发展的Internet应用,它与Internet的常规流量共享网络资源,容易受到Internet现有安全漏洞的影响。此外,鉴于语音通信是时间敏感的,并且使用一套交互协议,VoIP暴露了新的恶意攻击漏洞形式。本文提出了一种急需的VoIP入侵检测系统。该方法的新颖之处在于,它不仅利用了网络协议的状态机,而且利用了网络协议之间的相互作用来进行入侵检测。这种检测方法特别适合于保护VoIP应用程序,其中涉及多种协议来提供IP电话服务。基于跟踪交互协议状态机的偏差,我们的解决方案显示出有希望的检测特性和对语音流感知质量的低运行时影响
VoIP Intrusion Detection Through Interacting Protocol State Machines
Being a fast-growing Internet application, voice over Internet protocol (VoIP) shares the network resources with the regular Internet traffic, and is susceptible to the existing security holes of the Internet. Moreover, given that voice communication is time sensitive and uses a suite of interacting protocols, VoIP exposes new forms of vulnerabilities to malicious attacks. In this paper, we propose a highly-needed VoIP intrusion detection system. Our approach is novel in that, it utilizes not only the state machines of network protocols but also the interaction among them for intrusion detection. This detection approach is particularly suited for protecting VoIP applications, in which a melange of protocols are involved to provide IP telephony services. Based on tracking deviations from interacting protocol state machines, our solution shows promising detection characteristics and low runtime impact on the perceived quality of voice streams
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
