DocumentCode :
2129077
Title :
A Privacy-Preserving Entropy-Driven Framework for Tracing DoS Attacks in VoIP
Author :
Tsiatsikas, Zisis ; Geneiatakis, D. ; Kambourakis, Georgios ; Keromytis, Angelos D.
Author_Institution :
Dept. of Inform. & Comm. Syst. Eng., Univ. of the Aegean, Karlovassi, Greece
fYear :
2013
fDate :
2-6 Sept. 2013
Firstpage :
224
Lastpage :
229
Abstract :
Network audit trails, especially those composed of application layer data, can be a valuable source of information regarding the investigation of attack incidents. Nevertheless, the analysis of log files of large volume is usually both complex (slow) and privacy-neglecting. Especially when it comes to VoIP, the literature on how audit trails can be exploited to identify attacks remains scarce. This paper provides an entropy-driven, privacy-preserving, and practical framework for detecting resource consumption attacks in VoIP ecosystems. We extensively evaluate our framework under various attack scenarios involving single and multiple assailants. The results obtained show that the proposed scheme is capable of identifying malicious traffic with a false positive alarm rate of up to 3.5%.
Keywords :
Internet telephony; computer network security; data privacy; telecommunication traffic; DoS attack tracing; VoIP ecosystems; application layer data; malicious traffic identification; multiple assailants; network audit trails; privacy-preserving entropy-driven framework; resource consumption attack detection; single assailant; Artificial intelligence; Computer crime; Context; Entropy; IP networks; Measurement; Abnormal Traffic; Anonymity; DoS; Entropy; Session Initiation Protocol;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
Conference_Location :
Regensburg
Type :
conf
DOI :
10.1109/ARES.2013.30
Filename :
6657244