Monitoring SIP Traffic Using Support Vector Machines
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
VoIP Security: Attacks and Solutions
Information Security Journal: A Global Perspective
Intrusion Detection System for Denial-of-Service flooding attacks in SIP communication networks
International Journal of Security and Networks
On Low Distortion Embeddings of Statistical Distance Measures into Low Dimensional Spaces
DEXA '09 Proceedings of the 20th International Conference on Database and Expert Systems Applications
A Survey of Voice over IP Security Research
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Detecting Ringing-Based DoS Attacks on VoIP Proxy Servers
Information Security Applications
Detecting VoIP-specific denial-of-service using change-point method
ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 2
RTP-miner: a real-time security framework for RTP fuzzing attacks
Proceedings of the 20th international workshop on Network and operating systems support for digital audio and video
Sketch-based SIP flooding detection using Hellinger distance
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
VoIP malware: attack tool & attack scenarios
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A first order logic security verification model for SIP
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Labeled VoIP data-set for intrusion detection evaluation
EUNICE'10 Proceedings of the 16th EUNICE/IFIP WG 6.6 conference on Networked services and applications: engineering, control and management
A comparison between divergence measures for network anomaly detection
Proceedings of the 7th International Conference on Network and Services Management
DDoS flooding attack detection scheme based on F-divergence
Computer Communications
Flooding attacks detection in backbone traffic using power divergence
Proceedings of the 7th ACM workshop on Performance monitoring and measurement of heterogeneous wireless and wired networks
| Hi-index | 0.00 |
Voice over IP (VoIP) a.k.a. Internet telephony is gaining market share rapidly and now competes favorably as one of the visible applications of the Internet. Nevertheless, being an application running over the TCP/IP protocol suite, it is susceptible to flooding attacks. If flooded, being a time-sensitive service, VoIP voice quality may show noticeable degradation and even encounter sudden service disruptions. Because multiple protocols are involved in VoIP service, and most of them are susceptible to flooding, an effective solution must be able to detect and overcome hybrid floods. As a solution, we offer \emph{VoIP Flood Detection Systems (vFDS)}---an online, statistical anomaly detection framework that generates alerts based on abnormal variations in a selected hybrid collection of traffic flows. It does so by viewing collections of related packet streams as evolving probability distributions and measuring abnormal variations in their relationships using the \emph{Hellinger distance}---a measure of variability between two probability distributions. Experimental results show that vFDS is fast and accurate in detecting flooding attacks, without noticeably increasing call setup times or introducing jitter into the voice streams.