Intrusion detection mechanisms for VoIP applications

VoIP applications are emerging today as an important component in business and communication industry. In this paper, we address the intrusion detection and prevention in VoIP networks and describe how a conceptual solution based on the Bayes inference approach can be used to reinforce the existent security mechanisms. Our approach is based on network monitoring and analyzing of the VoIP-specific traffic. We give a detailed example on attack detection using the SIP signaling protocol.

[1]  Y. Rebahi,et al.  SIP Service Providers and The Spam Problem , 2005 .

[2]  Harold S. Javitz,et al.  The SRI IDES statistical anomaly detector , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Heison Chak VoIP Security , 2006, USENIX Annual Technical Conference, General Track.

[4]  Christopher Krügel,et al.  Service specific anomaly detection for network intrusion detection , 2002, SAC '02.

[5]  Saurabh Bagchi,et al.  SCIDIVE: a stateful and cross protocol intrusion detection architecture for voice-over-IP environments , 2004, International Conference on Dependable Systems and Networks, 2004.

[6]  Dipak Ghosal,et al.  Secure IP Telephony using Multi-layered Protection , 2003, NDSS.

[7]  Judea Pearl,et al.  Probabilistic reasoning in intelligent systems - networks of plausible inference , 1991, Morgan Kaufmann series in representation and reasoning.

[8]  P. Thermos,et al.  Vulnerabilities in SOHO VoIP gateways , 2005, Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005..

[9]  Christopher Krügel,et al.  A multi-model approach to the detection of web-based attacks , 2005, Comput. Networks.

[10]  Alfonso Valdes,et al.  Adaptive, Model-Based Monitoring for Cyber Attack Detection , 2000, Recent Advances in Intrusion Detection.