VoIP defender: highly scalable SIP-based security architecture

Authors:
Jens Fiedler;Tomas Kupka;Sven Ehlert;Thomas Magedanz;Dorgham Sisalem
Affiliations:
Fraunhofer Institute for Open Communications Systems - FOKUS, Berlin, Germany;Fraunhofer Institute for Open Communications Systems - FOKUS, Berlin, Germany;Fraunhofer Institute for Open Communications Systems - FOKUS, Berlin, Germany;Fraunhofer Institute for Open Communications Systems - FOKUS, Berlin, Germany;TEKELEC Corp., Am Borsigturm, Berlin, Germany
Venue:
Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Year:
2007

Citing 2
Cited 10

Survey of security vulnerabilities in session initiation protocol

IEEE Communications Surveys & Tutorials
Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms

IEEE Network: The Magazine of Global Internetworking

A Self-learning System for Detection of Anomalous SIP Messages

Principles, Systems and Applications of IP Telecommunications. Services and Security for Next Generation Networks
VoIP: A comprehensive survey on a promising technology

Computer Networks: The International Journal of Computer and Telecommunications Networking
Intrusion Detection System for Denial-of-Service flooding attacks in SIP communication networks

International Journal of Security and Networks
Using game theory to configure P2P SIP

Proceedings of the 3rd International Conference on Principles, Systems and Applications of IP Telecommunications
SecSip: a stateful firewall for SIP-based networks

IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Protecting SIP against very large flooding DoS attacks

GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
A first order logic security verification model for SIP

ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Labeled VoIP data-set for intrusion detection evaluation

EUNICE'10 Proceedings of the 16th EUNICE/IFIP WG 6.6 conference on Networked services and applications: engineering, control and management
Analysis of token and ticket based mechanisms for current VoIP security issues and enhancement proposal

CMS'10 Proceedings of the 11th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
Review: VoIP: State of art for global connectivity-A critical review

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

VoIP services are becoming increasingly a big competition to existing telephony services (POTS / ISDN). The increasing number of customers using VoIP makes VoIP services a valuable target for attackers that want to bring down the service, take it over or simply abuse it to distribute their own content, like SPAM. Hence, the need arises to protect VoIP services from all kinds of attacks that target network bandwidth, server capacity or server architectural constrains. In this article we present VoIP Defender, a generic security architecture, called VoIP-Defender, to monitor, detect, analyze and counter attacks relevant for a SIP-based VoIP infrastructure. The VoIP-Defender is highly scalable and can be easily extended with new detection algorithms. Analysis and traffic control can be performed from the SIP layer down to the transport-, network- and MAC layer. VoIP Defender is designed to work fully transparent to clients and SIP servers, and can analyze and filter traffic in real time, which we demonstrate with measurements with our implementation.