Abstract |
---|
Voice over IP (VoIP) based on SIP is rapidly replacing classical telephony services as providers worldwide migrate their services to IP-based platforms. However, apart from the benefits for providers and customers, telephony is becoming "just another" Internet application which is vulnerable to multiple - both well known and novel - attack and misuse scenarios. We focus in this paper on the attempts to compromise SIP accounts in order to misuse them at the expense of the legitimate owner (Toll-Fraud). Such misuse occurs globally and massively and has already caused significant damage. Our study is based on real SIP attack data collected over several years and our long-standing expertise in analyzing this data by using standard methods. We show in this paper that the visual analytics approach by using a node-link visualization diagram tool can provide new insights into attacker behavior, particularly with respect to distributed and coordinated attacks from different sources and specific properties of different popular attack tools. This analysis also revealed the usage of SIP INVITE packets for previously not known purposes in multi-stage attacks. Therefore, this approach provides a valuable and useful addition to the approaches used so far, which are based on statistical analysis or rule-based clustering. |

Year | DOI | Venue |
---|---|---|
2018 | 10.1109/TrustCom/BigDataSE.2018.00048 | 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) |

Keywords | Field | DocType |
---|---|---|
VoIP, SIP, Attack traffic, Random User Agent, VaxSIP, SipCLI, Empty UA, Toll-Fraud, Data visualization, Exploratory data analysis, Gephi | Data visualization, Computer science, Computer security, Network packet, Computer network, Visual analytics, Telephony, Cluster analysis, Exploratory data analysis, Voice over IP, The Internet | Conference |

ISSN | ISBN | Citations |
---|---|---|
2324-9013 | 978-1-5386-4389-1 | 0 |

PageRank | References | Authors |
---|---|---|
0.34 | 0 | 4 |

Name | Order | Citations | PageRank |
---|---|---|---|
Ekaterina Volodina | 1 | 0 | 0.34 |
Adnan Aziz | 2 | 1778 | 149.76 |
Erwin P. Rathgeb | 3 | 418 | 49.45 |
Tobias Hoßfeld | 4 | 1734 | 136.57 |