VoIP-aware network attack detection based on statistics and behavior of SIP traffic

Jonghan Lee, Kyumin Cho, ChangYong Y. Lee, Seung-Joo Kim

Research output: Contribution to journalArticle

8 Citations (Scopus)

Abstract

VoIP is one of the most popular Internet services. However, VoIP service is vulnerable to several potential security threats. Moreover, existing IP-based security solutions are unable to inspect call setup information. In this paper, we propose a VoIP-aware attack-detection scheme. The proposed scheme is able to detect VoIP network attacks including VoIP DoS and SPAM. It can detect VoIP DoS attacks with low false negatives using a statistics-based detection algorithm and can recognize SPAM with low false positives using a caller behavior-based detection algorithm. We have included experimental results to confirm the proposed scheme.

Original languageEnglish
Pages (from-to)872-880
Number of pages9
JournalPeer-to-Peer Networking and Applications
Volume8
Issue number5
DOIs
Publication statusPublished - 2014 Jun 12

Fingerprint

Statistics
Internet
Denial-of-service attack

Keywords

  • Attack detection
  • Behavior-based detection
  • SIP
  • SPAM
  • Statistic-based detection
  • VoIP
  • VoIP DoS

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Cite this

VoIP-aware network attack detection based on statistics and behavior of SIP traffic. / Lee, Jonghan; Cho, Kyumin; Lee, ChangYong Y.; Kim, Seung-Joo.

In: Peer-to-Peer Networking and Applications, Vol. 8, No. 5, 12.06.2014, p. 872-880.

Research output: Contribution to journalArticle

@article{82820a0e688b4b27b329429abc486775,
title = "VoIP-aware network attack detection based on statistics and behavior of SIP traffic",
abstract = "VoIP is one of the most popular Internet services. However, VoIP service is vulnerable to several potential security threats. Moreover, existing IP-based security solutions are unable to inspect call setup information. In this paper, we propose a VoIP-aware attack-detection scheme. The proposed scheme is able to detect VoIP network attacks including VoIP DoS and SPAM. It can detect VoIP DoS attacks with low false negatives using a statistics-based detection algorithm and can recognize SPAM with low false positives using a caller behavior-based detection algorithm. We have included experimental results to confirm the proposed scheme.",
keywords = "Attack detection, Behavior-based detection, SIP, SPAM, Statistic-based detection, VoIP, VoIP DoS",
author = "Jonghan Lee and Kyumin Cho and Lee, {ChangYong Y.} and Seung-Joo Kim",
year = "2014",
month = "6",
day = "12",
doi = "10.1007/s12083-014-0289-8",
language = "English",
volume = "8",
pages = "872--880",
journal = "Peer-to-Peer Networking and Applications",
issn = "1936-6442",
publisher = "Springer New York",
number = "5",

}

TY - JOUR

T1 - VoIP-aware network attack detection based on statistics and behavior of SIP traffic

AU - Lee, Jonghan

AU - Cho, Kyumin

AU - Lee, ChangYong Y.

AU - Kim, Seung-Joo

PY - 2014/6/12

Y1 - 2014/6/12

N2 - VoIP is one of the most popular Internet services. However, VoIP service is vulnerable to several potential security threats. Moreover, existing IP-based security solutions are unable to inspect call setup information. In this paper, we propose a VoIP-aware attack-detection scheme. The proposed scheme is able to detect VoIP network attacks including VoIP DoS and SPAM. It can detect VoIP DoS attacks with low false negatives using a statistics-based detection algorithm and can recognize SPAM with low false positives using a caller behavior-based detection algorithm. We have included experimental results to confirm the proposed scheme.

AB - VoIP is one of the most popular Internet services. However, VoIP service is vulnerable to several potential security threats. Moreover, existing IP-based security solutions are unable to inspect call setup information. In this paper, we propose a VoIP-aware attack-detection scheme. The proposed scheme is able to detect VoIP network attacks including VoIP DoS and SPAM. It can detect VoIP DoS attacks with low false negatives using a statistics-based detection algorithm and can recognize SPAM with low false positives using a caller behavior-based detection algorithm. We have included experimental results to confirm the proposed scheme.

KW - Attack detection

KW - Behavior-based detection

KW - SIP

KW - SPAM

KW - Statistic-based detection

KW - VoIP

KW - VoIP DoS

UR - http://www.scopus.com/inward/record.url?scp=84938751624&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84938751624&partnerID=8YFLogxK

U2 - 10.1007/s12083-014-0289-8

DO - 10.1007/s12083-014-0289-8

M3 - Article

AN - SCOPUS:84938751624

VL - 8

SP - 872

EP - 880

JO - Peer-to-Peer Networking and Applications

JF - Peer-to-Peer Networking and Applications

SN - 1936-6442

IS - 5

ER -