CFP last date
20 May 2024
Call for Paper
June Edition
IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper
Know more
The week's pick
Responsive image
Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin
Random Articles
Reseach Article

An Empirical Study of Security of VoIP System

by Ahmad Ghafarian, Maria Dehghani
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 181 - Number 10
Year of Publication: 2018
Authors: Ahmad Ghafarian, Maria Dehghani
10.5120/ijca2018916399

Ahmad Ghafarian, Maria Dehghani . An Empirical Study of Security of VoIP System. International Journal of Computer Applications. 181, 10 ( Aug 2018), 6-11. DOI=10.5120/ijca2018916399

@article{ 10.5120/ijca2018916399,
author = { Ahmad Ghafarian, Maria Dehghani },
title = { An Empirical Study of Security of VoIP System },
journal = { International Journal of Computer Applications },
issue_date = { Aug 2018 },
volume = { 181 },
number = { 10 },
month = { Aug },
year = { 2018 },
issn = { 0975-8887 },
pages = { 6-11 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume181/number10/29806-2018916399/ },
doi = { 10.5120/ijca2018916399 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T01:06:07.846800+05:30
%A Ahmad Ghafarian
%A Maria Dehghani
%T An Empirical Study of Security of VoIP System
%J International Journal of Computer Applications
%@ 0975-8887
%V 181
%N 10
%P 6-11
%D 2018
%I Foundation of Computer Science (FCS), NY, USA
Abstract

As VoIP (Voice-over-IP) Services are becoming more popular, various types of attacks against them are increasing. SIP (Session Initiation Protocol) is the main protocol that is used in VoIP. SIP is subject to various types of attacks including DoS (Denial-of-Service) attack. This paper reports our experiment of simulating VoIP system using existing open source tools and technology. The simulated VoIP system is used to demonstrate a normal VoIP communication, launching DoS flooding attacks against SIP and implementing a successful Snort-based Intrusion Detection System (IDS) capable of catching suspicious SIP messages. Additionally, we propose a new VoIP architecture, which is based on buffering all incoming messages from clients with the intention of processing the messages in the buffer before they are forwarded to the destination.

References
  1. S. Ehlert, Y. Rebahi, and T. Magedanz, ‘Intrusion Detection System for Denial-of-Service flooding attacks in SIP communication networks’, Int. J. Security and Networks, vol. 4, no. 3, pp. 189–200, 2009.
  2. S. Ehlert, G. Zhang, and D. Geneiatakis, "Two layer Denial of Service prevention on SIP VoIP infrastructure”, Computer Communications, vol 31, pp. 2443-2456, 2008.
  3. Z. Fan, and X. Wan, “The Design and Realization of SIP DoS attack Detection Plugin Based on Balanced Message Number Principle”, Proceedings of ICCTA, pp. 780-784, 2009.
  4. B. Goode, “Voice over Internet protocol (VoIP)”, Proceedings of the IEEE ,vol 90 ,  Issue 9 , 2002.
  5. S. McGann, and D. C. Sicker. “An Analysis of Security Threats and Tools in SIP-Based VoIP Systems”, University of Colorado Boulder, 2005.
  6. J. Markl, J. Dočkal, “Deployment of Snort IDS in SIP based VoIP environments”, Security and Protection of Information 2007.
  7. S. Niccolini, R. G. Garroppo, S. Giordano , G. Risi, and S. Ventura, “SIP Intrusion Detection and Prevention: Recommendations and Prototype Implementation”, IEEE, vol 5, no 6, 2006.
  8. G. Ormazabal, S. Nagpal, E.Yardeni, and H. Schulzrinne. “Secure SIP: A Scalable Prevention Mechanism for DoS Attacks on SIP Based VoIP Systems.” H. Schulzrinne, R. State, and S. Niccolini (Eds.): IPTComm 2008, LNCS 5310, pp. 107–132, 2008.
  9. J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Spark, M. Handley, and E. Schooler, Session Initiation Protocol, no. RFC 3261, 2002.
  10. D. Sisalem, and J. Kuthan “Denial of Service Attacks and SIP Infrastructure: Attack Scenarios and Prevention Mechanisms”, Network IEEE, Vol 20, Issue 5, pp. 26-31, 2006.
  11. Snort, www.snort.org
  12. M. Voznak, and J. Safarik, "SIP proxy robustness against DoS attacks", Proceedings of the Applied Computing Conference, pp. 223-227, 2011.
  13. VMware.com. virtualization for desktop, available at VMware.com.
Index Terms

Computer Science
Information Sciences

Keywords

VoIP DoS denial of service attack snort IDS intrusion detection system SIP session initiation protocol.

Powered by PhDFocusTM