• DocumentCode
    2414776
  • Title

    Intrusion detection system for signal based SIP attacks through timed HCPN

  • Author

    Ding, Yanlan ; Su, Guiping

  • Author_Institution
    Sch. of Inf. Sci. & Eng., Chinese Acad. of Sci., Beijing
  • fYear
    2007
  • fDate
    10-13 April 2007
  • Firstpage
    190
  • Lastpage
    197
  • Abstract
    As session initiation protocol is becoming widely used for the current IP telephony services due to its simplicity and powerful functions, vulnerabilities it exposes make it susceptible to various attacks especially signal based SIP-specific attacks. Based on the security issues of SIP, in this paper, we propose the design of an intrusion detection system combined with misuse and anomaly detection for these threats by a feedback mechanism. A timed HCPN model is utilized and suited to drive and simulate the IDS for SIP with four machines. Also some detection solutions for specific attacks are provided like two recall methods for CANCEL attack and so on
  • Keywords
    Internet telephony; Petri nets; protocols; security of data; telecommunication security; IP telephony; feedback mechanism; hierarchy colored Petri nets; intrusion detection system; security issues; session initiation protocol; signal based SIP attacks; timed HCPN model; Communication system security; Counting circuits; Feedback; Floods; Information science; Intrusion detection; Packaging; Protocols; Signal detection; Telephony;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on
  • Conference_Location
    Vienna
  • Print_ISBN
    0-7695-2775-2
  • Type

    conf

  • DOI
    10.1109/ARES.2007.102
  • Filename
    4159803