Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
VoIP Intrusion Detection Through Interacting Protocol State Machines
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
Network intrusion detection: evasion, traffic normalization, and end-to-end protocol semantics
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Billing attacks on SIP-based VoIP systems
WOOT '07 Proceedings of the first USENIX workshop on Offensive Technologies
VoIP defender: highly scalable SIP-based security architecture
Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Survey of security vulnerabilities in session initiation protocol
IEEE Communications Surveys & Tutorials
Enforcing security with behavioral fingerprinting
Proceedings of the 7th International Conference on Network and Services Management
SIPAD: SIP-VoIP Anomaly Detection using a Stateful Rule Tree
Computer Communications
Hi-index | 0.00 |
SIP-based networks are becoming the de-facto standard for voice, video and instant messaging services. Being exposed to many threats while playing an major role in the operation of essential services, the need for dedicated security management approaches is rapidly increasing. In this paper we present an original security management approach based on a specific vulnerability aware SIP stateful firewall. Through known attack descriptions, we illustrate the power of the configuration language of the firewall which uses the capability to specify stateful objects that track data from multiple SIP elements within their lifetime. We demonstrate through measurements on a real implementation of the firewall its efficiency and performance.