Using Application-Aware Flow Monitoring for SIP Fraud Detection

The result's identifiers

  • Result code in IS VaVaI

    RIV/68407700:21240/15:00230407 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F15%3A00230407)

  • Alternative codes found

    RIV/00216305:26230/15:PU116960

  • Result on the web

    http://link.springer.com/chapter/10.1007/978-3-319-20034-7_10

  • DOI - Digital Object Identifier

    10.1007/978-3-319-20034-7_10 (http://dx.doi.org/10.1007/978-3-319-20034-7_10)

Alternative languages

  • Result language

    English

  • Original language name

    Using Application-Aware Flow Monitoring for SIP Fraud Detection

  • Original language description

    Flow monitoring helps to discover many network security threats targeted to various applications or network protocols. In this paper, we show usage of the flow data for analysis of a Voice over IP (VoIP) traffic and a threat detection. A traditionally used flow record is insufficient for this purpose and therefore it was extended by application-layer information. In particular, we focus on the Session Initiation Protocol (SIP) and the type of a toll-fraud in which an attacker tries to exploit poor configuration of a private branch exchange (PBX). The attacker's motivation is to make unauthorized calls to PSTN numbers that are usually charged at high rates and owned by the attacker. As a result, a successful attack can cause a significant financial loss to the owner of PBX. We propose a method for stream-wise and near real-time analysis of the SIP traffic and detection of the described threat. The method was implemented as a module of the Nemea system and deployed on a backbone network.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    IN - Informatics

  • OECD FORD branch

Result continuities

  • Project

    ED1.1.00/02.0070: IT4Innovations Centre of Excellence

  • Continuities

    S - Specific research at universities

Others

  • Publication year

    2015

  • Confidentiality

    S - Complete and truthful data on the project are not subject to protection under special legal regulations

Data specific for result type

  • Article name in the collection

    Intelligent Mechanisms for Network Configuration and Security

  • ISBN

    978-3-319-20033-0

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    13

  • Pages from-to

    87-99

  • Publisher name

    Springer International Publishing

  • Place of publication

    Cham

  • Event location

    Ghent

  • Event date

    Jun 22, 2015

  • Type of event by nationality

    WRD - Worldwide event

  • UT code for WoS article

    000363692200010