VoIP Intrusion Detection Through Interacting Protocol State Machines
作者: H. Sengar , D. Wijesekera , Haining Wang , S. Jajodia
DOI: 10.1109/DSN.2006.73
关键词:
摘要: Being a fast-growing Internet application, voice over protocol (VoIP) shares the network resources with regular traffic, and is susceptible to existing security holes of Internet. Moreover, given that communication time sensitive uses suite interacting protocols, VoIP exposes new forms vulnerabilities malicious attacks. In this paper, we propose highly-needed intrusion detection system. Our approach novel in that, it utilizes not only state machines protocols but also interaction among them for detection. This particularly suited protecting applications, which melange are involved provide IP telephony services. Based on tracking deviations from machines, our solution shows promising characteristics low runtime impact perceived quality streams
ieeecomputersociety.org
udel.edu 参考文章(18)
Giovanni Vigna, Sumit Gwalani, Kavitha Srinivasan, Elizabeth M Belding-Royer, Richard A Kemmerer, An intrusion detection tool for AODV-based ad hoc wireless networks annual computer security applications conference. pp. 16- 27 ,(2004) , 10.1109/CSAC.2004.6
Martin Roesch, Snort - Lightweight Intrusion Detection for Networks usenix large installation systems administration conference. pp. 229- 238 ,(1999)
M. Handley, Colin Perkins, V. Jacobson, SDP: Session Description Protocol RFC. ,vol. 2327, pp. 1- 42 ,(1998) , 10.17487/RFC8866
R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang, S. Zhou, Specification-based anomaly detection Proceedings of the 9th ACM conference on Computer and communications security - CCS '02. pp. 265- 274 ,(2002) , 10.1145/586110.586146
D. Lee, M. Yannakakis, Principles and methods of testing finite state machines-a survey Proceedings of the IEEE. ,vol. 84, pp. 1090- 1123 ,(1996) , 10.1109/5.533956
SIP: Session Initiation Protocol RFC3261. ,vol. 2543, pp. 1- 151 ,(2002) , 10.1201/9781420070910-13
V. Jacobson, R. Frederick, H. Schulzrinne, S. Casner, RTP: A Transport Protocol for Real-Time Applications RFC 1889. ,vol. 1889, pp. 1- 104 ,(2003)
K. Ilgun, R.A. Kemmerer, P.A. Porras, State transition analysis: a rule-based intrusion detection approach IEEE Transactions on Software Engineering. ,vol. 21, pp. 181- 199 ,(1995) , 10.1109/32.372146
G. Vigna, W. Robertson, V. Kher, R.A. Kemmerer, A stateful intrusion detection system for world-wide web servers 19th Annual Computer Security Applications Conference, 2003. Proceedings.. pp. 34- 43 ,(2003) , 10.1109/CSAC.2003.1254308
A. Petrenko, S. Boroday, R. Groz, Confirming configurations in EFSM testing IEEE Transactions on Software Engineering. ,vol. 30, pp. 29- 42 ,(2004) , 10.1109/TSE.2004.1265734