Intrusion detection in voice over IP environments

  • Regular Contribution
International Journal of Information Security

Abstract

In this article, we present the design of an intrusion detection system for voice over IP (VoIP) networks. The first part of our work consists of a simple single-component intrusion detection system called Scidive. In the second part, we extend the design of Scidive and build a distributed and correlation-based intrusion detection system called Space Dive. We create several attack scenarios and evaluate the accuracy and efficiency of the system in the face of these attacks. To the best of our knowledge, this is the first comprehensive look at the problem of intrusion detection in VoIP systems. It includes treatment of the challenges faced due to the distributed nature of the system, the nature of the VoIP traffic, and the specific kinds of attacks on such systems.

Author information

Corresponding author

Correspondence to Saurabh Bagchi.

Additional information

Y.-S. Wu and V. Apte contributed equally to the paper.

About this article

Cite this article

Wu, YS., Apte, V., Bagchi, S. et al. Intrusion detection in voice over IP environments. Int. J. Inf. Secur. 8, 153–172 (2009). https://doi.org/10.1007/s10207-008-0071-0

  • DOI: https://doi.org/10.1007/s10207-008-0071-0
