Referenced Items are not available for this document.
We propose a prevention system for SIP-based networks which adopts a rule-based approach to build prevention specifications on SIP protocol activities that stop attacks exploiting an existing vulnerability before reaching their targets. Our approach innovates from existing solutions by making use of the contextual information of a vulnerability targeted by an attack to apply the prevention specification. Manually coding these prevention specifications is tedious and error-prone. Our method automatically infers prevention specifications by analyzing captured SIP exploit traffic. The detection engine uses an efficient method based on event graphs to match protocol activities against available prevention specifications. We describe the different components of our approach and show through an extended performance study of the implemented system its applicability to enterprise level VoIP protection.
Published in:
Network and Service Management, IEEE Transactions on
(Volume:9
,
Issue:
2
)
Date of Publication: June 2012
- Page(s):
- 114 - 127
- ISSN :
- 1932-4537
- INSPEC Accession Number:
- 12769063
- Digital Object Identifier :
- 10.1109/TNSM.2012.011812.110125
- Product Type:
- Journals & Magazines
- Date of Publication :
- 23 January 2012
- Date of Current Version :
- 01 June 2012
- Issue Date :
- June 2012
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
