Detecting authentication misuse attacks against SIP entities

Author

Pourmohseni, Sajad ; Asgharian, Hasan ; Akbari, A.

Author_Institution

Network Res. Group, Iran Univ. of Sci. & Technol., Tehran, Iran

fYear

2013

Firstpage

1

Lastpage

5

Abstract

Nowadays mainstream of evolution towards next generation networks extends SIP application as a simple and efficient protocol for management of multimedia communications. Simplicity of SIP increases security concerns for service providers about various kinds of misuse including Denial of Service (DoS) attacks. The target of DoS attacks in SIP can be bandwidth, memory or CPU. In this paper we proposed a user profile based anomaly detection method to identify CPU-based DOS attacks that misuse authentication mechanism of SIP. We validated and evaluated our proposed solution in real test-bed based on the well-known open-source tools. The simulation results report the effectiveness of our approach in detection of this specific type of attacks.

Keywords

computer network security; multimedia communication; next generation networks; signalling protocols; telecommunication network management; CPU-based DOS attack identification; SIP entities; application layer protocol; authentication misuse attack detection; denial-of-service attacks; multimedia communication management; next generation networks; open-source tools; security concerns; signaling protocol; user profile based anomaly detection method; Authentication; Computer crime; Educational institutions; IP networks; Intrusion detection; Registers; Servers; Authentication; CPU based DoS attack; SIP;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Security and Cryptology (ISCISC), 2013 10th International ISC Conference on

Conference_Location

Yazd

Type

conf

DOI

10.1109/ISCISC.2013.6767324

Filename

6767324