{"title":"Detecting authentication misuse attacks against SIP entities","authors":"Sajad Pourmohseni, Hassan Asgharian, A. Akbari","doi":"10.1109/ISCISC.2013.6767324","DOIUrl":null,"url":null,"abstract":"Nowadays mainstream of evolution towards next generation networks extends SIP application as a simple and efficient protocol for management of multimedia communications. Simplicity of SIP increases security concerns for service providers about various kinds of misuse including Denial of Service (DoS) attacks. The target of DoS attacks in SIP can be bandwidth, memory or CPU. In this paper we proposed a user profile based anomaly detection method to identify CPU-based DOS attacks that misuse authentication mechanism of SIP. We validated and evaluated our proposed solution in real test-bed based on the well-known open-source tools. The simulation results report the effectiveness of our approach in detection of this specific type of attacks.","PeriodicalId":265985,"journal":{"name":"2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2013-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCISC.2013.6767324","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Nowadays mainstream of evolution towards next generation networks extends SIP application as a simple and efficient protocol for management of multimedia communications. Simplicity of SIP increases security concerns for service providers about various kinds of misuse including Denial of Service (DoS) attacks. The target of DoS attacks in SIP can be bandwidth, memory or CPU. In this paper we proposed a user profile based anomaly detection method to identify CPU-based DOS attacks that misuse authentication mechanism of SIP. We validated and evaluated our proposed solution in real test-bed based on the well-known open-source tools. The simulation results report the effectiveness of our approach in detection of this specific type of attacks.