Analysis of SIP Traffic Behavior with NetFlow-based Statistical Information
نویسندگان
چکیده
With the population of an internet telephony, the security issues of a SIP application service is focused on, currently. For example, VoIP is easier to access than existing PSTN, and more exposed at many security threats. However, there is not enough monitoring and attack detecting devices, yet. In this paper, we propose analysis factors, a detection example to use it and required collecting information for the detection to analyze and monitor SIP traffic. Basically, we use NetFlow format, for collecting SIP information that is commonly used for broadband traffic monitoring.
منابع مشابه
Detecting Denial of Service Message Flooding Attacks in SIP based Services
Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol (SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation deficiencies cause some security concerns in SIP based infra...
متن کاملDetecting Bot Networks Based On HTTP And TLS Traffic Analysis
Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...
متن کاملNetwork congestion control using NetFlow
The goal of congestion control is to avoid congestion in network elements. A network element is congested if it is being offered more traffic than it can process. To detect such situations and to neutralize them we should monitor traffic in the network. In this paper, we propose using Cisco’s NetFlow technology, which allows collecting statistics about traffic in the network by generating speci...
متن کاملA NetFlow based flow analysis and monitoring system in enterprise networks
In this paper, a flow analysis and monitoring system based on NetFlow is introduced. The system is built on a Browser– Server framework, aimed at enterprise networks. Data collection and display are separated into two modules, which makes the system clearly demarcated and easy to deploy. The data collection module receives and analyzes NetFlow-exported packets and inserts per flow record inform...
متن کاملA VoIP Traffic Monitoring System based on NetFlow v9
With the development of VoIP (Voice over IP) service, new security threats are expected to be appeared. However, existing IP network security solutions can not detect new VoIP specified network threats because they can not reflect characteristics of VoIP. In this paper, we propose a novel system that can monitor VoIP service and detect VoIP network threats practically. The proposed system colle...
متن کامل