ABSTRACT
With the widespread adoption of SIP-based VoIP, understanding the characteristics of SIP traffic behavior is critical to problem diagnosis and security protection of IP Telephony. In this paper, we propose a general methodology for profiling SIP-based VoIP traffic behavior at multiple levels: SIP server host, server entity and individual user levels. Using SIP traffic traces captured in a production VoIP service, we illustrate the characteristics of SIP-based VoIP traffic behavior in an operational network and demonstrate the effectiveness of our general profiling methodology. In particular, we show how our profiling methodology can help identify performance anomalies through a case study.
- J. Rosenberg, H. Schulzrinne, G. Camarillo, P. J. Johnston, A. R. Sparks, M. Handley, and E. Schooler. SIP: Session Initiation Protocol. RFC 3261, June 2002. Google ScholarDigital Library
- N. Wosnack. A Vonage VoIP 3-way call CID spooning vulnerability, 2003. http://www.hackcanada.com/canadian/phreaking/voip-vonage-vulnerability.html.Google Scholar
- S. McGann and D. C. Sicker. An analysis of security threats and tools in SIP-Based VoIP Systems. In 2nd Workshop on Securing Voice over IP, June 2005.Google Scholar
- D. Geneiatakis, T. Dagiuklas, C. Lambrinoudakis, G. Kambourakis, and S. Gritzalis. Novel Protecting Mechanism for SIP-Based Infrastructure against Malformed Message Attacks: Performance Evaluation Study. In Proc. of the 5th International Conference on Communication Systems, Networks and Digital Signal Processing (CSNDSP'06), July 2006.Google Scholar
- D. Geneiatakis, G. Kambourakis, T. Dagiuklas, C. Lambrinoudakis, and S. Gritzalis. SIP message tampering: The SQL code injection attack. In Proc. IEEE of SoftCOM, Sept. 2005.Google Scholar
- B. Reynolds, D. Ghosal, C. -N. Chuah, and S. F. Wu. Vulnerability analysis and a security architecture for IP telephony. In IEEE GlobeCom Workshop on VoIP Security: Challenges and Solutions, Nov. 2004.Google Scholar
- B. Reynolds and D. Ghosal. Secure IP telephony using multi-layered protection. In Proc. of Network and Distributed System Security Symposium(NDSS'03), Feb. 2003.Google Scholar
- Y.-S. Wu, S. Bagchi, S. Garg, and N. Singh. SCIDIVE: a stateful and cross protocol intrusion detection architecture for Voice-over-IP environments. In Proc. of the 2004 International Conference on Dependable Systems and Networks (DSN'04), pages 433--442, June 2004. Google ScholarDigital Library
- R. Dantu and P. Kolan. Detecting spam in VoIP networks. In Proc. of USENIX, SRUTI Workshop, pages 31--37, July 2005. Google ScholarDigital Library
- H. J. Kang, Z.-L. Zhang, S. Ranjan, and A. Nucci. SIP-based VoIP traffic behavior profiling and its applications. Technical report, NARUS, July 2006.Google Scholar
Index Terms
- SIP-based VoIP traffic behavior profiling and its applications
Recommendations
A comparative analysis of protocols for VoIP services
Although the widespread of broadband network has boosted the deployment of voice over IP (VoIP) systems, most part of the telephone service is still provided on the traditional PSTN lines. It can be expected that the transition from traditional telephone ...
An Analysis of Security Implications in Session Initiation Protocol (SIP)
AMS '13: Proceedings of the 2013 7th Asia Modelling SymposiumVoice over IP (VoIP) has become an indispensible part of our life as individuals, organizations, and corporate move from traditional Plain Old Telephony Systems (POTS) to VoIP based systems. This allows the cost to make or receive calls come down ...
Comparison SIP and IAX to Voice Packet Signaling over VOIP
TRUSTCOM '13: Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and CommunicationsWithin the VolP networks environment, there are three protocols that solve the problem of voice packet signaling, known as "highlight protocols": H323, SIP and IAX. Particularly, this document focuses on a specific difference between SIP and IAX: the ...
Comments