Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints
The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the app...
Ausführliche Beschreibung
Gespeichert in:
| Autor*in: |
Dassouki, Khaled [verfasserIn] |
|---|
| Format: |
Artikel |
|---|---|
| Sprache: |
Englisch |
| Erschienen: |
2017 |
|---|
| Rechteinformationen: |
Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V. |
|---|
| Schlagwörter: |
|---|
| Übergeordnetes Werk: |
Enthalten in: Computers & security - Kidlington, Oxford : Elsevier, 1982, 70(2017), Seite 618 |
|---|---|
| Übergeordnetes Werk: |
volume:70 ; year:2017 ; pages:618 |
| Links: |
|---|
| DOI / URN: |
10.1016/j.cose.2017.08.003 |
|---|
| Katalog-ID: |
OLC1997711443 |
|---|
| LEADER | 01000caa a2200265 4500 | ||
|---|---|---|---|
| 001 | OLC1997711443 | ||
| 003 | DE-627 | ||
| 005 | 20230715074946.0 | ||
| 007 | tu | ||
| 008 | 171125s2017 xx ||||| 00| ||eng c | ||
| 024 | 7 | |a 10.1016/j.cose.2017.08.003 |2 doi | |
| 028 | 5 | 2 | |a PQ20171125 |
| 035 | |a (DE-627)OLC1997711443 | ||
| 035 | |a (DE-599)GBVOLC1997711443 | ||
| 035 | |a (PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00 | ||
| 035 | |a (KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera | ||
| 040 | |a DE-627 |b ger |c DE-627 |e rakwb | ||
| 041 | |a eng | ||
| 082 | 0 | 4 | |a 004 |q DE-600 |
| 100 | 1 | |a Dassouki, Khaled |e verfasserin |4 aut | |
| 245 | 1 | 0 | |a Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints |
| 264 | 1 | |c 2017 | |
| 336 | |a Text |b txt |2 rdacontent | ||
| 337 | |a ohne Hilfsmittel zu benutzen |b n |2 rdamedia | ||
| 338 | |a Band |b nc |2 rdacarrier | ||
| 520 | |a The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. | ||
| 540 | |a Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V. | ||
| 650 | 4 | |a Algorithms | |
| 650 | 4 | |a Computer network protocols | |
| 650 | 4 | |a Floods | |
| 700 | 1 | |a Safa, Haidar |4 oth | |
| 700 | 1 | |a Nassar, Mohamed |4 oth | |
| 700 | 1 | |a Hijazi, Abbas |4 oth | |
| 773 | 0 | 8 | |i Enthalten in |t Computers & security |d Kidlington, Oxford : Elsevier, 1982 |g 70(2017), Seite 618 |w (DE-627)130549738 |w (DE-600)782630-8 |w (DE-576)016107063 |x 0167-4048 |7 nnns |
| 773 | 1 | 8 | |g volume:70 |g year:2017 |g pages:618 |
| 856 | 4 | 1 | |u http://dx.doi.org/10.1016/j.cose.2017.08.003 |3 Volltext |
| 912 | |a GBV_USEFLAG_A | ||
| 912 | |a SYSFLAG_A | ||
| 912 | |a GBV_OLC | ||
| 912 | |a SSG-OLC-MAT | ||
| 912 | |a GBV_ILN_21 | ||
| 912 | |a GBV_ILN_70 | ||
| 951 | |a AR | ||
| 952 | |d 70 |j 2017 |h 618 | ||
| author_variant |
k d kd |
|---|---|
| matchkey_str |
article:01674048:2017----::rtcigrmlubsdifodnatcsyeeaigeprl |
| hierarchy_sort_str |
2017 |
| publishDate |
2017 |
| allfields |
10.1016/j.cose.2017.08.003 doi PQ20171125 (DE-627)OLC1997711443 (DE-599)GBVOLC1997711443 (PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00 (KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera DE-627 ger DE-627 rakwb eng 004 DE-600 Dassouki, Khaled verfasserin aut Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints 2017 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V. Algorithms Computer network protocols Floods Safa, Haidar oth Nassar, Mohamed oth Hijazi, Abbas oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 70(2017), Seite 618 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:70 year:2017 pages:618 http://dx.doi.org/10.1016/j.cose.2017.08.003 Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 AR 70 2017 618 |
| spelling |
10.1016/j.cose.2017.08.003 doi PQ20171125 (DE-627)OLC1997711443 (DE-599)GBVOLC1997711443 (PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00 (KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera DE-627 ger DE-627 rakwb eng 004 DE-600 Dassouki, Khaled verfasserin aut Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints 2017 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V. Algorithms Computer network protocols Floods Safa, Haidar oth Nassar, Mohamed oth Hijazi, Abbas oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 70(2017), Seite 618 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:70 year:2017 pages:618 http://dx.doi.org/10.1016/j.cose.2017.08.003 Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 AR 70 2017 618 |
| allfields_unstemmed |
10.1016/j.cose.2017.08.003 doi PQ20171125 (DE-627)OLC1997711443 (DE-599)GBVOLC1997711443 (PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00 (KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera DE-627 ger DE-627 rakwb eng 004 DE-600 Dassouki, Khaled verfasserin aut Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints 2017 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V. Algorithms Computer network protocols Floods Safa, Haidar oth Nassar, Mohamed oth Hijazi, Abbas oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 70(2017), Seite 618 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:70 year:2017 pages:618 http://dx.doi.org/10.1016/j.cose.2017.08.003 Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 AR 70 2017 618 |
| allfieldsGer |
10.1016/j.cose.2017.08.003 doi PQ20171125 (DE-627)OLC1997711443 (DE-599)GBVOLC1997711443 (PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00 (KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera DE-627 ger DE-627 rakwb eng 004 DE-600 Dassouki, Khaled verfasserin aut Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints 2017 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V. Algorithms Computer network protocols Floods Safa, Haidar oth Nassar, Mohamed oth Hijazi, Abbas oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 70(2017), Seite 618 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:70 year:2017 pages:618 http://dx.doi.org/10.1016/j.cose.2017.08.003 Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 AR 70 2017 618 |
| allfieldsSound |
10.1016/j.cose.2017.08.003 doi PQ20171125 (DE-627)OLC1997711443 (DE-599)GBVOLC1997711443 (PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00 (KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera DE-627 ger DE-627 rakwb eng 004 DE-600 Dassouki, Khaled verfasserin aut Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints 2017 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V. Algorithms Computer network protocols Floods Safa, Haidar oth Nassar, Mohamed oth Hijazi, Abbas oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 70(2017), Seite 618 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:70 year:2017 pages:618 http://dx.doi.org/10.1016/j.cose.2017.08.003 Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 AR 70 2017 618 |
| language |
English |
| source |
Enthalten in Computers & security 70(2017), Seite 618 volume:70 year:2017 pages:618 |
| sourceStr |
Enthalten in Computers & security 70(2017), Seite 618 volume:70 year:2017 pages:618 |
| format_phy_str_mv |
Article |
| institution |
findex.gbv.de |
| topic_facet |
Algorithms Computer network protocols Floods |
| dewey-raw |
004 |
| isfreeaccess_bool |
false |
| container_title |
Computers & security |
| authorswithroles_txt_mv |
Dassouki, Khaled @@aut@@ Safa, Haidar @@oth@@ Nassar, Mohamed @@oth@@ Hijazi, Abbas @@oth@@ |
| publishDateDaySort_date |
2017-01-01T00:00:00Z |
| hierarchy_top_id |
130549738 |
| dewey-sort |
14 |
| id |
OLC1997711443 |
| language_de |
englisch |
| fullrecord |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a2200265 4500</leader><controlfield tag="001">OLC1997711443</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230715074946.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">171125s2017 xx ||||| 00| ||eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1016/j.cose.2017.08.003</subfield><subfield code="2">doi</subfield></datafield><datafield tag="028" ind1="5" ind2="2"><subfield code="a">PQ20171125</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC1997711443</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)GBVOLC1997711443</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="q">DE-600</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Dassouki, Khaled</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2017</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources.</subfield></datafield><datafield tag="540" ind1=" " ind2=" "><subfield code="a">Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Algorithms</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer network protocols</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Floods</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Safa, Haidar</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Nassar, Mohamed</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Hijazi, Abbas</subfield><subfield code="4">oth</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">Computers & security</subfield><subfield code="d">Kidlington, Oxford : Elsevier, 1982</subfield><subfield code="g">70(2017), Seite 618</subfield><subfield code="w">(DE-627)130549738</subfield><subfield code="w">(DE-600)782630-8</subfield><subfield code="w">(DE-576)016107063</subfield><subfield code="x">0167-4048</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:70</subfield><subfield code="g">year:2017</subfield><subfield code="g">pages:618</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">http://dx.doi.org/10.1016/j.cose.2017.08.003</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_21</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">70</subfield><subfield code="j">2017</subfield><subfield code="h">618</subfield></datafield></record></collection>
|
| author |
Dassouki, Khaled |
| spellingShingle |
Dassouki, Khaled ddc 004 misc Algorithms misc Computer network protocols misc Floods Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints |
| authorStr |
Dassouki, Khaled |
| ppnlink_with_tag_str_mv |
@@773@@(DE-627)130549738 |
| format |
Article |
| dewey-ones |
004 - Data processing & computer science |
| delete_txt_mv |
keep |
| author_role |
aut |
| collection |
OLC |
| remote_str |
false |
| illustrated |
Not Illustrated |
| issn |
0167-4048 |
| topic_title |
004 DE-600 Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints Algorithms Computer network protocols Floods |
| topic |
ddc 004 misc Algorithms misc Computer network protocols misc Floods |
| topic_unstemmed |
ddc 004 misc Algorithms misc Computer network protocols misc Floods |
| topic_browse |
ddc 004 misc Algorithms misc Computer network protocols misc Floods |
| format_facet |
Aufsätze Gedruckte Aufsätze |
| format_main_str_mv |
Text Zeitschrift/Artikel |
| carriertype_str_mv |
nc |
| author2_variant |
h s hs m n mn a h ah |
| hierarchy_parent_title |
Computers & security |
| hierarchy_parent_id |
130549738 |
| dewey-tens |
000 - Computer science, knowledge & systems |
| hierarchy_top_title |
Computers & security |
| isfreeaccess_txt |
false |
| familylinks_str_mv |
(DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 |
| title |
Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints |
| ctrlnum |
(DE-627)OLC1997711443 (DE-599)GBVOLC1997711443 (PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00 (KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera |
| title_full |
Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints |
| author_sort |
Dassouki, Khaled |
| journal |
Computers & security |
| journalStr |
Computers & security |
| lang_code |
eng |
| isOA_bool |
false |
| dewey-hundreds |
000 - Computer science, information & general works |
| recordtype |
marc |
| publishDateSort |
2017 |
| contenttype_str_mv |
txt |
| container_start_page |
618 |
| author_browse |
Dassouki, Khaled |
| container_volume |
70 |
| class |
004 DE-600 |
| format_se |
Aufsätze |
| author-letter |
Dassouki, Khaled |
| doi_str_mv |
10.1016/j.cose.2017.08.003 |
| dewey-full |
004 |
| title_sort |
protecting from cloud-based sip flooding attacks by leveraging temporal and structural fingerprints |
| title_auth |
Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints |
| abstract |
The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. |
| abstractGer |
The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. |
| abstract_unstemmed |
The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources. |
| collection_details |
GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 |
| title_short |
Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints |
| url |
http://dx.doi.org/10.1016/j.cose.2017.08.003 |
| remote_bool |
false |
| author2 |
Safa, Haidar Nassar, Mohamed Hijazi, Abbas |
| author2Str |
Safa, Haidar Nassar, Mohamed Hijazi, Abbas |
| ppnlink |
130549738 |
| mediatype_str_mv |
n |
| isOA_txt |
false |
| hochschulschrift_bool |
false |
| author2_role |
oth oth oth |
| doi_str |
10.1016/j.cose.2017.08.003 |
| up_date |
2024-07-04T03:30:18.874Z |
| _version_ |
1803617638941720576 |
| fullrecord_marcxml |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a2200265 4500</leader><controlfield tag="001">OLC1997711443</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230715074946.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">171125s2017 xx ||||| 00| ||eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1016/j.cose.2017.08.003</subfield><subfield code="2">doi</subfield></datafield><datafield tag="028" ind1="5" ind2="2"><subfield code="a">PQ20171125</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC1997711443</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)GBVOLC1997711443</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(PRQ)g954-ef704b83f1dab8c1b375b2acdffedb715ab1609b2d4ffde068d9e490a2031ce00</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(KEY)0111913320170000070000000618protectingfromcloudbasedsipfloodingattacksbylevera</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="q">DE-600</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Dassouki, Khaled</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2017</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">The session initiation protocol (SIP) is among the most popular voice over IP (VoIP) signaling protocols. Like other Internet protocols, deployment in live scenarios showed its vulnerability to flooding attacks. These attacks are very similar to those against TCP protocol but have emerged at the application level of the Internet architecture. In this paper, we present a new approach to protect SIP devices from flooding attacks. Our proposed approach is mainly composed of two algorithms: 1) a detection algorithm that takes into consideration the temporal characteristics of SIP protocol as well as the fingerprints of its messages and 2) a mitigation algorithm that filters SIP messages based on a fingerprint whitelist database. We evaluate our approach through an extensive set of experimental tests using widely distributed virtual machines in the cloud and compare to similar approaches found in the literature. The experiments emulate a large flooding attack launched from mutually distant geographic data centers. The results report short detection time, low sensibility to false alarms and high effectiveness in reducing the computational resources.</subfield></datafield><datafield tag="540" ind1=" " ind2=" "><subfield code="a">Nutzungsrecht: © COPYRIGHT 2017 Elsevier B.V.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Algorithms</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer network protocols</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Floods</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Safa, Haidar</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Nassar, Mohamed</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Hijazi, Abbas</subfield><subfield code="4">oth</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">Computers & security</subfield><subfield code="d">Kidlington, Oxford : Elsevier, 1982</subfield><subfield code="g">70(2017), Seite 618</subfield><subfield code="w">(DE-627)130549738</subfield><subfield code="w">(DE-600)782630-8</subfield><subfield code="w">(DE-576)016107063</subfield><subfield code="x">0167-4048</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:70</subfield><subfield code="g">year:2017</subfield><subfield code="g">pages:618</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">http://dx.doi.org/10.1016/j.cose.2017.08.003</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_21</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">70</subfield><subfield code="j">2017</subfield><subfield code="h">618</subfield></datafield></record></collection>
|
| score |
7.4022093 |