{"title":"一种基于SIP的VoIP DDoS攻击防范方法","authors":"Warda Amalou, M. Mehdi","doi":"10.3390/engproc2022014006","DOIUrl":null,"url":null,"abstract":"Voice over Internet Protocol (VoIP) is a recent technology used to transfer video and voice over the Internet Protocol (IP). Session Initiation Protocol (SIP) is the most widely used protocol for signaling functions in VoIP networks. However, the VoIP service is vulnerable to several potential security threats. Distributed denial of service (DDoS) attack is a dangerous attack that prevents legitimate users from using VoIP services. In this paper, we propose a detection scheme based on the Deep Packet Inspection (DPI) method of analyzing packets to extract attack signatures for implementation in new VoIP DDoS attack detection rules with a low false negative rate. We have included experimental results to confirm the proposed scheme.","PeriodicalId":11748,"journal":{"name":"Engineering Proceedings","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-01-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"An Approach to Mitigate DDoS Attacks on SIP Based VoIP\",\"authors\":\"Warda Amalou, M. Mehdi\",\"doi\":\"10.3390/engproc2022014006\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Voice over Internet Protocol (VoIP) is a recent technology used to transfer video and voice over the Internet Protocol (IP). Session Initiation Protocol (SIP) is the most widely used protocol for signaling functions in VoIP networks. However, the VoIP service is vulnerable to several potential security threats. Distributed denial of service (DDoS) attack is a dangerous attack that prevents legitimate users from using VoIP services. In this paper, we propose a detection scheme based on the Deep Packet Inspection (DPI) method of analyzing packets to extract attack signatures for implementation in new VoIP DDoS attack detection rules with a low false negative rate. We have included experimental results to confirm the proposed scheme.\",\"PeriodicalId\":11748,\"journal\":{\"name\":\"Engineering Proceedings\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-01-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Engineering Proceedings\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.3390/engproc2022014006\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Engineering Proceedings","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/engproc2022014006","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
摘要
VoIP (Voice over Internet Protocol)是一种通过互联网协议(IP)传输视频和语音的新技术。SIP (Session Initiation Protocol)是VoIP网络中应用最广泛的信令协议。然而,VoIP业务容易受到几个潜在的安全威胁。DDoS (Distributed denial of service)攻击是一种阻止合法用户使用VoIP服务的危险攻击。本文提出了一种基于深度包检测(DPI)方法的检测方案,通过对报文进行分析,提取攻击特征,实现低假阴性率的VoIP DDoS攻击检测新规则。我们加入了实验结果来证实所提出的方案。
An Approach to Mitigate DDoS Attacks on SIP Based VoIP
Voice over Internet Protocol (VoIP) is a recent technology used to transfer video and voice over the Internet Protocol (IP). Session Initiation Protocol (SIP) is the most widely used protocol for signaling functions in VoIP networks. However, the VoIP service is vulnerable to several potential security threats. Distributed denial of service (DDoS) attack is a dangerous attack that prevents legitimate users from using VoIP services. In this paper, we propose a detection scheme based on the Deep Packet Inspection (DPI) method of analyzing packets to extract attack signatures for implementation in new VoIP DDoS attack detection rules with a low false negative rate. We have included experimental results to confirm the proposed scheme.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
