SIP Flooding Attacks Detection and Prevention Using Shannon, Renyi and Tsallis Entropy

Abstract: Voice over IP (VOIP) network, also known as Internet telephony, is growing increasingly having occupied a large part of the communications market. With the growth of each technology, the related security issues become of particular importance. Taking advantage of this technology in different environments with numerous features put at our disposal, there arises an increasing need to address the security threats. Being IP-based and playing a signaling role in VOIP networks, Session Initiation Protocol (SIP) lets… Show more

“…Specifically, the suspicious probability, P sus , increases to 0.99 whenever an attack is underway, while it is lower than 0.3 when no attack is present due to the inherent randomness in the system. As such, compared to the results presented in [22], where detection probabilities are higher than 93.4%, using our methodology described in Section 5, we achieve a detection probability of 0.99 as seen in Figure 10. Indeed, the probability to detect an ongoing attack is the probability that the suspicious probability is higher than 0.3.…”

“…Furthermore, we believe that both techniques can work simultaneously in order to strengthen the overall security of the system since these tools are not exclusive. In [22], the authors propose to use the entropy as a parameter to detect denial-of-service attacks on the SIP protocol. The detection method proposes a training period where no attacks are active.…”

Primary User Emulation in Cognitive Radio-Enabled WSNs for Structural Health Monitoring: Modeling and Attack Detection

“…Specifically, the suspicious probability, P sus , increases to 0.99 whenever an attack is underway, while it is lower than 0.3 when no attack is present due to the inherent randomness in the system. As such, compared to the results presented in [22], where detection probabilities are higher than 93.4%, using our methodology described in Section 5, we achieve a detection probability of 0.99 as seen in Figure 10. Indeed, the probability to detect an ongoing attack is the probability that the suspicious probability is higher than 0.3.…”

“…Furthermore, we believe that both techniques can work simultaneously in order to strengthen the overall security of the system since these tools are not exclusive. In [22], the authors propose to use the entropy as a parameter to detect denial-of-service attacks on the SIP protocol. The detection method proposes a training period where no attacks are active.…”

Primary User Emulation in Cognitive Radio-Enabled WSNs for Structural Health Monitoring: Modeling and Attack Detection

Experimental Evaluation of Proposed Algorithm for Identifying Abnormal Messages in SIP Network

Machine Learning-Based Security Test Model and Evaluation for SIP-Based DoS Attacks