Asgharian et al., 2015 - Google Patents
Feature engineering for detection of Denial of Service attacks in session initiation protocol
Asgharian et al., 2015
- Document ID
- 5082249480546795638
- Author
- Asgharian H
- Akbari A
- Raahemi B
- Publication year
- Publication venue
- Security and Communication Networks
Snippet
Abstract The Session Initiation Protocol (SIP) is a text‐based protocol, which defines the messaging between the SIP entities to establish, maintain, and terminate a multimedia session. Because of the text‐ and transaction‐based nature of the SIP protocol, it encounters …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Keromytis | A comprehensive survey of voice over IP security research | |
US8730946B2 (en) | System and method to precisely learn and abstract the positive flow behavior of a unified communication (UC) application and endpoints | |
US8984627B2 (en) | Network security management | |
Tas et al. | A novel SIP based distributed reflection denial-of-service attack and an effective defense mechanism | |
Ling et al. | Torward: Discovery, blocking, and traceback of malicious traffic over tor | |
US20080263661A1 (en) | Detecting anomalies in signaling flows | |
Kumar | Denial of service attacks–an updated perspective | |
Golait et al. | Detecting anomalous behavior in VoIP systems: A discrete event system modeling | |
Hussain et al. | A comprehensive study of flooding attack consequences and countermeasures in session initiation protocol (sip) | |
Seo et al. | SIPAD: SIP–VoIP anomaly detection using a stateful rule tree | |
Manan et al. | Distributed intrusion detection scheme for next generation networks | |
Keromytis | A survey of voice over IP security research | |
Asgharian et al. | A framework for SIP intrusion detection and response systems | |
Sidhardhan et al. | Weaponizing real-world applications as c2 (command and control) | |
Adenekan | AI-powered threat detection in VoIP networks: A case study on Asterisk | |
Asgharian et al. | Feature engineering for detection of Denial of Service attacks in session initiation protocol | |
Wang et al. | A lightweight SDN fingerprint attack defense mechanism based on probabilistic scrambling and controller dynamic scheduling strategies | |
Bouzida et al. | A framework for detecting anomalies in VoIP networks | |
Sher et al. | Security threats and solutions for application server of IP multimedia subsystem (IMS-AS) | |
Shrestha | Security of SIP-based infrastructure against malicious message attacks | |
Laabid | Botnet command & control detection in iot networks | |
Ganesan et al. | A scalable detection and prevention scheme for voice over internet protocol (VoIP) signaling attacks using handler with Bloom filter | |
Asgharian et al. | Detecting Denial of Service message flooding attacks in SIP based services | |
Vennila et al. | Performance analysis of VoIP spoofing attacks using classification algorithms | |
Asgharian et al. | Detecting flood-based attacks against SIP proxy servers and clients using engineered feature sets |