Jansky et al., 2017 - Google Patents
Hunting sip authentication attacks efficientlyJansky et al., 2017
View HTML- Document ID
- 6410502770700164794
- Author
- Jansky T
- Čejka T
- Bartoš V
- Publication year
- Publication venue
- IFIP International Conference on Autonomous Infrastructure, Management and Security
External Links
Snippet
Extended flow records with application layer (L7) information allow for detection of various types of malicious traffic. Voice over IP (VoIP) is an example of technology that works on L7 and many attacks against it cannot be reliably detected using just basic flow information …
- 238000001514 detection method 0 abstract description 25
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements or protocols for real-time communications
- H04L65/10—Signalling, control or architecture
- H04L65/1066—Session control
- H04L65/1076—Screening
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements or protocols for real-time communications
- H04L65/10—Signalling, control or architecture
- H04L65/1003—Signalling or session protocols
- H04L65/1006—SIP
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements or protocols for real-time communications
- H04L65/10—Signalling, control or architecture
- H04L65/1013—Network architectures, gateways, control or user entities
- H04L65/1046—Call controllers; Call servers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements or protocols for real-time communications
- H04L65/10—Signalling, control or architecture
- H04L65/1003—Signalling or session protocols
- H04L65/1009—H.323
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L29/00—Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/00 - H04L27/00 contains provisionally no documents
- H04L29/02—Communication control; Communication processing contains provisionally no documents
- H04L29/06—Communication control; Communication processing contains provisionally no documents characterised by a protocol
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/141—Denial of service attacks against endpoints in a network
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7561265B2 (en) | ENCRYPTED SNI FILTERING METHOD AND SYSTEM FOR CYBER SECURITY APPLICATIONS - Patent application | |
| JP7250703B2 (en) | Assessment and remediation of correlation-driven threats | |
| Zargar et al. | A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks | |
| US9118702B2 (en) | System and method for generating and refining cyber threat intelligence data | |
| US8230505B1 (en) | Method for cooperative intrusion prevention through collaborative inference | |
| Peng et al. | Survey of network-based defense mechanisms countering the DoS and DDoS problems | |
| US8806572B2 (en) | Authentication via monitoring | |
| US20180115523A1 (en) | Methods and systems for api deception environment and api traffic control and security | |
| US20060026679A1 (en) | System and method of characterizing and managing electronic traffic | |
| US20120151565A1 (en) | System, apparatus and method for identifying and blocking anomalous or improper use of identity information on computer networks | |
| Appala et al. | An actionable threat intelligence system using a publish-subscribe communications model | |
| CN114402567A (en) | Online detection of algorithmically generated domains | |
| Lee et al. | VoIP-aware network attack detection based on statistics and behavior of SIP traffic | |
| Miller et al. | Traffic classification for the detection of anonymous web proxy routing | |
| Miller et al. | Securing the internet through the detection of anonymous proxy usage | |
| Keromytis | Voice over IP Security: A Comprehensive Survey of Vulnerabilities and Academic Research | |
| CA2747584C (en) | System and method for generating and refining cyber threat intelligence data | |
| Jansky et al. | Hunting sip authentication attacks efficiently | |
| Ramamohanarao et al. | The curse of ease of access to the internet | |
| EP3595257B1 (en) | Detecting suspicious sources, e.g. for configuring a distributed denial of service mitigation device | |
| Singh et al. | Performance analysis of emm an edos mitigation technique in cloud computing environment | |
| Chapman et al. | Network traffic characteristics for detecting future botnets | |
| Hofbauer et al. | CDRAS: An approach to dealing with Man-in-the-Middle attacks in the context of Voice over IP | |
| AlBalawi et al. | An Approach for Investigating DNS Threats Prevention’s Methods and Enhancing Awareness of DNS Security: Towards Establishing a Practical Framework | |
| Chieffalo et al. | The Internet of Things-An Engineering Approach to Combating a Potential Skynet |