Hunting SIP Authentication Attacks Efficiently
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F17%3A00312435" target="_blank" >RIV/68407700:21240/17:00312435 - isvavai.cz</a>
Alternative codes found
RIV/63839172:_____/17:10132899
Result on the web
<a href="https://link.springer.com/chapter/10.1007/978-3-319-60774-0_9" target="_blank" >https://link.springer.com/chapter/10.1007/978-3-319-60774-0_9</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1007/978-3-319-60774-0_9" target="_blank" >10.1007/978-3-319-60774-0_9</a>
Alternative languages
Result language
angličtina
Original language name
Hunting SIP Authentication Attacks Efficiently
Original language description
Extended flow records with application layer (L7) information allow for detection of various types of malicious traffic. Voice over IP (VoIP) is an example of technology that works on L7 and many attacks against it cannot be reliably detected using just basic flow information. Session Initiation Protocol (SIP), which is commonly used for VoIP signalling, is a frequent target of many types of attacks. This paper proposes and evaluates a novel algorithm for near real time detection of username scanning and password guessing attacks on SIP servers. The detection is based on analysis of L7 extended flow records.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
20206 - Computer hardware and architecture
Result continuities
Project
<a href="/en/project/EF16_013%2F0001797" target="_blank" >EF16_013/0001797: CESNET E-Infrastructure - Modernisation</a><br>
Continuities
S - Specificky vyzkum na vysokych skolach
Others
Publication year
2017
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Security of Networks and Services in an All-Connected World
ISBN
978-3-319-60773-3
ISSN
0302-9743
e-ISSN
—
Number of pages
6
Pages from-to
125-130
Publisher name
Springer
Place of publication
Basel
Event location
Zurich
Event date
Jul 10, 2017
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
—