ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Detecting VoIP based DoS attacks at the public safety answering point
Full text PdfPdf (285 KB)
Source ASIAN ACM Symposium on Information, Computer and Communications Security archive
Proceedings of the 2008 ACM symposium on Information, computer and communications security table of contents
Tokyo, Japan
SESSION: Network security (I) table of contents
Pages 148-155  
Year of Publication: 2008
ISBN:978-1-59593-979-1
Authors
Christoph Fuchs  University of Bonn, Bonn, Germany
Nils Aschenbruck  University of Bonn, Bonn, Germany
Felix Leder  University of Bonn, Bonn, Germany
Peter Martini  University of Bonn, Bonn, Germany
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 42,   Downloads (12 Months): 191,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
Save this Article to a Binder    Display Formats: BibTex  EndNote ACM Ref   
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1368310.1368333
What is a DOI?

ABSTRACT

In the recent years Voice over IP (VoIP) telephony started to migrate from research to the market. In the future, All-IP networks will substitute the classical Public Switched Telephone Networks (PSTNs). Nowadays, there is no All-IP network yet, but many VoIP-providers already enable calls from VoIP to a PSTN and vice versa. Thus, critical infrastructures within the PSTN like the emergency call service, are accessible from the VoIP network (e.g. the Internet) and get exposed to new security threats. In particular, there is the risk of Denial of Service (DoS) attacks originating from the VoIP network. An attacker could jam the emergency call service by generating a massive load of faked emergency calls, which could lead to the loss of lives in the worst case. For us, this was the motivation to analyse the applicability of the concept of Intrusion Detection (ID) in the emergency call context and develop an adapted ID-architecture including its implementation. In an evaluation of the ID-architecture, using real emergency call traces from the fire department of Cologne, we show that the developed concept can reliably detect emerging DoS attacks from VoIP networks up to a certain VoIP diffusion rate.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Telekommunikationsgesetz (TKG), Juni 2004. BGBl I 2004, 1190.
 
2
M. Arora and S. Chakravarty. VoIP security: Scenarios, challenges, and counter measures-Part I, January 2007.
 
3
Nils Aschenbruck , Matthias Frank , Peter Martini , Jens Tolle , Roland Legat , Heinz-Dieter Richmann, Present and Future Challenges Concerning DoS-attacks against PSAPs in VoIP Networks, Proceedings of the Fourth IEEE International Workshop on Information Assurance, p.103-108, April 13-14, 2006  [doi>10.1109/IWIA.2006.19]
 
4
Asterisk Homepage, May 2007. http://www.asterisk.org.
 
5
Jahresbericht der Bundesnetzagentur 2005, Februar 2006.
 
6
J. Branch, A. Bivens, C.-Y. Chan, T.-K. Lee, and B. Szymanski. Denial of service intrusion detection using time dependent deterministic finite automata. In Proc. Graduate Research Conference, RPI, Troy, NY, October 2002.
 
7
Dorothy E. Denning, An Intrusion-Detection Model, IEEE Transactions on Software Engineering, v.13 n.2, p.222-232, February 1987  [doi>10.1109/TSE.1987.232894]
 
8
Requirements for communication of citizens with authorities/organizations in case of distress (emergency call handling). Special Report 002 180, ETSI, 2003.
 
9
N. gentschen Felde. Einsatz der graphbasierten Meldungsstrukturanalyse in domänenübergreifenden Meta-IDS. In A. B. Cremers, R. Manthey, P. Martini, and V. Steinhage, editors, GI Jahrestagung (2), volume 68 of LNI, pages 653--657. GI, 2005.
 
10
Erarbeitung landesweiter Standards für die Errichtung Integrierter Leitstellen in Bayern, August 2001. https://www.bayern-ils.de/ILSWebseite/downloads/extern/Erarbeitung%20landesweiter%20Standards/Teil3.pdf.
 
11
B. Mukherjee, L. Heberlein, and K. Levitt. Network intrusion detection. IEEE Network, 8(3):26--41, May/June 1994.
 
12
PSTN Risks & Challenges, 2005. (Results of a fast track working group) http://nena.org/VoIP_IP/PSTN%20Risks%20&%20Challenges%20FINAL.doc.
 
13
Homepage von Voicetronix, November 2005. http://www.voicetronix.com.au.
 
14
Homepage von PBX4Linux, November 2005. http://isdn.jolly.de.
 
15
Ayse Pinar Saygin , Ilyas Cicekli , Varol Akman, Turing Test: 50 Years Later, Minds and Machines, v.10 n.4, p.463-518, November 2000  [doi>10.1023/A:1011288000451 ]
 
16
H. Schulzrinne and R. Marshall. Requirements for Emergency Context Resolution with Internet Technologies, Oktober 2005. IETF ECRIT Draft draft-schulzrinne-ecrit-requirements-01.txt.
 
17
H. Schulzrinne, M. Shanmugam, P. Taylor, and H. Tschofenig. Security Threats and Requirements for Emergency Calling, 2005. IETF ECRIT Draft draft-taylor-ecrit-security-threats-00.txt.

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)


General Terms:
Reliability, Security


Keywords:
911, PSAP, VoIP, denial of service, emergency calls, intrusion detection

Collaborative Colleagues:
Christoph Fuchs: colleagues
Nils Aschenbruck: colleagues
Felix Leder: colleagues
Peter Martini: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2008 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player