DocumentCode
2414776
Title
Intrusion detection system for signal based SIP attacks through timed HCPN
Author
Ding, Yanlan ; Su, Guiping
Author_Institution
Sch. of Inf. Sci. & Eng., Chinese Acad. of Sci., Beijing
fYear
2007
fDate
10-13 April 2007
Firstpage
190
Lastpage
197
Abstract
As session initiation protocol is becoming widely used for the current IP telephony services due to its simplicity and powerful functions, vulnerabilities it exposes make it susceptible to various attacks especially signal based SIP-specific attacks. Based on the security issues of SIP, in this paper, we propose the design of an intrusion detection system combined with misuse and anomaly detection for these threats by a feedback mechanism. A timed HCPN model is utilized and suited to drive and simulate the IDS for SIP with four machines. Also some detection solutions for specific attacks are provided like two recall methods for CANCEL attack and so on
Keywords
Internet telephony; Petri nets; protocols; security of data; telecommunication security; IP telephony; feedback mechanism; hierarchy colored Petri nets; intrusion detection system; security issues; session initiation protocol; signal based SIP attacks; timed HCPN model; Communication system security; Counting circuits; Feedback; Floods; Information science; Intrusion detection; Packaging; Protocols; Signal detection; Telephony;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on
Conference_Location
Vienna
Print_ISBN
0-7695-2775-2
Type
conf
DOI
10.1109/ARES.2007.102
Filename
4159803
Link To Document