Reynolds et al., 2003 - Google Patents
Secure IP Telephony using Multi-layered Protection.Reynolds et al., 2003
View PDF- Document ID
- 461950871894545336
- Author
- Reynolds B
- Ghosal D
- Publication year
- Publication venue
- NDSS
External Links
Snippet
This paper presents the design and analysis of a multilayer protection scheme against denial-of-service (DoS) attacks in IP telephony enabled enterprise networks. While there are many types of DoS attacks, we focus on flood-based attacks using application layer and …
- 238000001514 detection method 0 abstract description 39
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Reynolds et al. | Secure IP Telephony using Multi-layered Protection. | |
| US7764612B2 (en) | Controlling access to a host processor in a session border controller | |
| US8635693B2 (en) | System and method for testing network firewall for denial-of-service (DoS) detection and prevention in signaling channel | |
| Gu et al. | Denial of service attacks | |
| US8407342B2 (en) | System and method for detecting and preventing denial of service attacks in a communications system | |
| US7716729B2 (en) | Method for responding to denial of service attacks at the session layer or above | |
| KR100796996B1 (en) | Method and apparatus for protection from overload conditions on nodes in a distributed network | |
| EP2105003B1 (en) | Method and apparatus to control application messages between a client and a server having a private network address | |
| US7930740B2 (en) | System and method for detection and mitigation of distributed denial of service attacks | |
| US20080089494A1 (en) | System and Method for Securing a Telephone System Comprising Circuit Switched and IP Data Networks | |
| EP2081356A1 (en) | Method of and telecommunication apparatus for SIP anomaly detection in IP networks | |
| Ehlert et al. | Specification-based denial-of-service detection for sip voice-over-ip networks | |
| Wang et al. | Voice pharming attack and the trust of VoIP | |
| JP4602158B2 (en) | Server equipment protection system | |
| Fowler et al. | Impact of denial of service solutions on network quality of service | |
| JP4322179B2 (en) | Denial of service attack prevention method and system | |
| Deng et al. | Advanced flooding attack on a SIP server | |
| Hussain et al. | A lightweight countermeasure to cope with flooding attacks against session initiation protocol | |
| KR101095878B1 (en) | System and method for detecting and blocking SIP protocol denial-of-service attack using hidden Markov model | |
| Reynolds et al. | STEM: secure telephony enabled middlebox | |
| Reynolds | Enabling secure ip telephony in enterprise networks | |
| Ehlert | Denial-of-service detection and mitigation for SIP communication networks. | |
| Martin et al. | Security Issues of VoIP | |
| Wulff et al. | New Approaches to Mitigation of Malicious Traffic in VoIP Networks | |
| KR20100027829A (en) | SPI Attack Detection System and Method using Virtual Proxy Server |