A Privacy-Preserving Entropy-Driven Framework for Tracing DoS Attacks in VoIP

Abstract: 

Network audit trails, especially those composed of application layer data, can be a valuable source of information regarding the investigation of attack incidents. Nevertheless, the analysis of log files of large volume is usually both complex (slow) and privacy-neglecting. Especially when it comes to VoIP, the literature on how audit trails can be exploited to identify attacks remains scarce. This paper provides an entropy-driven, privacy-preserving, and practical framework for detecting resource consumption attacks in VoIP ecosystems. We extensively evaluate our framework under various attack scenarios involving single and multiple assailants. The results obtained show that the proposed scheme is capable of identifying malicious traffic with a false positive alarm rate of up to 3.5%.

Authors: 
KAMBOURAKIS Georgios, GENEIATAKIS Dimitrios, KEROMYTIS Angelos, TSIATSIKAS Zisis
Publication Year: 
2013
Type:

Appears in Collections: 
Institute for the Protection and Security of the Citizen
Science Areas: 
JRC Institutes
Publisher: 
IEEE
ISBN: 
978-0-7695-5008-4/13
Citation: 
8th International Conference on Availability, Reliability and Security p. 224-229