We propose an architecture of Intrusion Detection System (IDS) for VoIP using a protocol specification-based detection method to monitor the network traffics and alert administrator for further analysis of and response to suspicious activities. The protocol behaviors and their interactions are described by state machines. Traffic that behaves differently from the standard specifications are considered to be suspicious. The IDS has been implemented and simulated using OPNET Modeler, and verified to detect attacks. It was found that our system can detect typical attacks within a reasonable amount of delay time.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Thyda PHIT, Koki ABE, "A Protocol Specification-Based Intrusion Detection System for VoIP and Its Evaluation" in IEICE TRANSACTIONS on Communications,
vol. E91-B, no. 12, pp. 3956-3965, December 2008, doi: 10.1093/ietcom/e91-b.12.3956.
Abstract: We propose an architecture of Intrusion Detection System (IDS) for VoIP using a protocol specification-based detection method to monitor the network traffics and alert administrator for further analysis of and response to suspicious activities. The protocol behaviors and their interactions are described by state machines. Traffic that behaves differently from the standard specifications are considered to be suspicious. The IDS has been implemented and simulated using OPNET Modeler, and verified to detect attacks. It was found that our system can detect typical attacks within a reasonable amount of delay time.
URL: https://global.ieice.org/en_transactions/communications/10.1093/ietcom/e91-b.12.3956/_p
Copy
@ARTICLE{e91-b_12_3956,
author={Thyda PHIT, Koki ABE, },
journal={IEICE TRANSACTIONS on Communications},
title={A Protocol Specification-Based Intrusion Detection System for VoIP and Its Evaluation},
year={2008},
volume={E91-B},
number={12},
pages={3956-3965},
abstract={We propose an architecture of Intrusion Detection System (IDS) for VoIP using a protocol specification-based detection method to monitor the network traffics and alert administrator for further analysis of and response to suspicious activities. The protocol behaviors and their interactions are described by state machines. Traffic that behaves differently from the standard specifications are considered to be suspicious. The IDS has been implemented and simulated using OPNET Modeler, and verified to detect attacks. It was found that our system can detect typical attacks within a reasonable amount of delay time.},
keywords={},
doi={10.1093/ietcom/e91-b.12.3956},
ISSN={1745-1345},
month={December},}
Copy
TY - JOUR
TI - A Protocol Specification-Based Intrusion Detection System for VoIP and Its Evaluation
T2 - IEICE TRANSACTIONS on Communications
SP - 3956
EP - 3965
AU - Thyda PHIT
AU - Koki ABE
PY - 2008
DO - 10.1093/ietcom/e91-b.12.3956
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E91-B
IS - 12
JA - IEICE TRANSACTIONS on Communications
Y1 - December 2008
AB - We propose an architecture of Intrusion Detection System (IDS) for VoIP using a protocol specification-based detection method to monitor the network traffics and alert administrator for further analysis of and response to suspicious activities. The protocol behaviors and their interactions are described by state machines. Traffic that behaves differently from the standard specifications are considered to be suspicious. The IDS has been implemented and simulated using OPNET Modeler, and verified to detect attacks. It was found that our system can detect typical attacks within a reasonable amount of delay time.
ER -