A distributed cooperative detection scheme for SPIT attacks in SIP based systems

In this paper, we focus on the detection of the Spam over Internet Telephony (SPIT) attacks targeting the Session Initiation Protocol (SIP) protocol during its signaling process. Though, a host of solutions have been proposed to detect and mitigate SPIT attacks in VoIP and SIP based systems, cooperation among local detection systems is so far neglected as a scheme to leverage the entire security of the system and lower the attacks detection duration. We propose a distributed cooperative detection method to detect SPIT attacks based on cooperation between several detection gateways in order to decrease the detection duration of any given SPIT source. An analytical study is conducted to demonstrate the betterments achieved by our distributed cooperative scheme in terms of reduced attack detection duration.

[1]  Cullen Jennings,et al.  The Session Initiation Protocol (SIP) and Spam , 2008, RFC.

[2]  R. MacIntosh,et al.  Detection and mitigation of spam in IP telephony networks using signaling protocol analysis , 2005, IEEE/Sarnoff Symposium on Advances in Wired and Wireless Communication, 2005..

[3]  Haitao Li,et al.  Research on Man-in-the-Middle Denial of Service Attack in SIP VoIP , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[4]  Jon Peterson,et al.  Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP) , 2006, RFC.

[5]  Abdelfettah Belghith,et al.  A Distributed Clustering Algorithm without an Explicit Neighbourhood Knowledge , 2007 .

[6]  Abdelfettah Belghith,et al.  Slotted stream tapping , 2004, NRBC '04.

[7]  Bettina Schnor,et al.  Using PGP Signatures for Securing SIP Infrastructures , 2012, ICON 2012.

[8]  Dongwook Shin,et al.  Progressive multi gray-leveling: a voice spam protection algorithm , 2006, IEEE Network.

[9]  A. Gazdar,et al.  Discrete interactive staggered broadcasting , 2004, First IEEE Consumer Communications and Networking Conference, 2004. CCNC 2004..