Skip to Main content Skip to Navigation
New interface
Conference papers

Hunting SIP Authentication Attacks Efficiently

Abstract : Extended flow records with application layer (L7) information allow for detection of various types of malicious traffic. Voice over IP (VoIP) is an example of technology that works on L7 and many attacks against it cannot be reliably detected using just basic flow information. Session Initiation Protocol (SIP), which is commonly used for VoIP signalling, is a frequent target of many types of attacks. This paper proposes and evaluates a novel algorithm for near real time detection of username scanning and password guessing attacks on SIP servers. The detection is based on analysis of L7 extended flow records.
Complete list of metadata

Cited literature [5 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Friday, June 1, 2018 - 4:01:21 PM
Last modification on : Tuesday, January 19, 2021 - 10:16:03 AM
Long-term archiving on: : Sunday, September 2, 2018 - 3:51:32 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Tomáš Jansky, Tomáš Čejka, Václav Bartoš. Hunting SIP Authentication Attacks Efficiently. 11th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jul 2017, Zurich, Switzerland. pp.125-130, ⟨10.1007/978-3-319-60774-0_9⟩. ⟨hal-01806064⟩



Record views


Files downloads