+ All Categories
Home > Documents > TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh...

TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh...

Date post: 03-Jan-2016
Category:

Documents
Upload: beverly-mckenzie
View: 215 times
Download: 0 times
Download Report this document
Share this document with a friend
Popular Tags:
sip messageslarge
sip traffic behavior
sip server server entity
clients sip register
fields of sip request
voip service sip servers
proxy user level
behavior characteristicscalls
13
TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State University of New York Institute of Technology
Transcript
Page 1: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

TEL500-Voice Communications

SIP-based VoIP Traffic Behavior Profiling and Its Application

Devesh Mendiratta & Sameer DeshmukhMS-Telecommunication

State University of New York Institute of Technology

Page 2: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Introduction to Paper

SIP based VOIP Traffic Behavior at levels like SIP server entity SIP server host Individual user levels

Security of VOIP – Attacks & vulnerability Paper claims : Little research As of now

1st attempt to understand SIP traffic behavior

for Attack Detection

Page 3: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Outline

SIP Overview Identifying SIP servers Profiling SIP sever & User Behaviors Characteristics of Behavior Applications Conclusion

Page 4: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

SIP Based VoIP Service SIP servers and clients

SIP REGISTER

Call Proxy

Request-Response

Method field

FROM and TO fields

Page 5: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Identifying IP Address

Observation of SIP servers Large No. of SIP messages Large No. of distinct FROM and TO fields

Page 6: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Profiling SIP Server Behaviors

Multilevel Profiling

Three Levels: Server host level: maintain only aggregate features and metrics by examining only the message types into and out of a SIP server Server entity level: separate the role of a SIP server into register and call proxy User level: attribute the SIP messages to individual users and maintain statistic and features to characterized individual user behaviors

Page 7: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Server Host Level Characterization

Count the number of request and response messages received and sent by each SIP server over a given period of time T

Count the number of unique users seen in the FROM and TO fields of SIP request messages, and compute an aggregate user activity diversity from the distribution of data over T

Page 8: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Overall Server Level Characteristics

No. of message types User activities diversity(Metric)

Page 9: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Registrar Behavior Characteristics

Period of registration updates Requests inter-arrival times

Page 10: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Call Proxy/User Call Behavior Characteristics

Calls made vs. received Call types

Page 11: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Applications

Page 12: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

Conclusion

VOIP traffic consists of stable characteristics Well captured by statistics & features of profile we

use Profiling – to help identify the attack detection

Page 13: TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State.

?Thank You

Any Questions Undergrad ???


Recommended
devesh kishore

devesh kishore

Documents

11th Maths by Devesh Ahirwar Sagar

11th Maths by Devesh Ahirwar Sagar

Documents

Devesh KapurDEVELOPMENT MANTRA? Devesh Kapur 2 G-24 Discussion Paper Series, No. 29 curity schemes or to private insurance or pension funds it overstates the resources transferred

Devesh KapurDEVELOPMENT MANTRA? Devesh Kapur 2 G-24 Discussion Paper Series, No. 29 curity schemes or to private insurance or pension funds it overstates the resources transferred

Documents

Jayant Mendiratta(D27),Rahul Malhotra(C-38) - SOM

Jayant Mendiratta(D27),Rahul Malhotra(C-38) - SOM

Documents

Indias Gold Fetish and Switzerlands Data Secrecy Devesh Kapur, Marla Spivack, Arvind Subramanian, and Milan Vaishnav* November 5, 2013 *Devesh Kapur is.

Indias Gold Fetish and Switzerlands Data Secrecy Devesh Kapur, Marla Spivack, Arvind Subramanian, and Milan Vaishnav* November 5, 2013 *Devesh Kapur is.

Documents

Wibe de Jong Devesh Tiwari Lawrence Berkeley National ...

Wibe de Jong Devesh Tiwari Lawrence Berkeley National ...

Documents

TEL500-Voice Communications IVR using Speech Recognition in Asterisk Devesh Mendiratta Sameer Deshmukh & Srinivas Madlapelli.

TEL500-Voice Communications IVR using Speech Recognition in Asterisk Devesh Mendiratta Sameer Deshmukh & Srinivas Madlapelli.

Documents

Qui est Quiz Devesh Mohnot

Qui est Quiz Devesh Mohnot

Education

Good Morning, Panvel. Next to Indiabulls Greens. To book now Call Devesh @ 09594983222 or devesh@groffr.com

Good Morning, Panvel. Next to Indiabulls Greens. To book now Call Devesh @ 09594983222 or [email protected]

Real Estate

What Determines Consumer Complaining Behavior? - Devesh ...

What Determines Consumer Complaining Behavior? - Devesh ...

Documents

ICAR-IFPRI: Revisiting and other issues - Devesh Roy

ICAR-IFPRI: Revisiting and other issues - Devesh Roy

Education

Devesh Kapur - UNCTAD

Devesh Kapur - UNCTAD

Documents

Micro Data and Macro Technology - Devesh R. Raval · Micro Data and Macro Technology Ezra Ober eld Princeton University & NBER ezraoberfield@gmail.com Devesh Raval ... representing

Micro Data and Macro Technology - Devesh R. Raval · Micro Data and Macro Technology Ezra Ober eld Princeton University & NBER [email protected] Devesh Raval ... representing

Documents

DEVESH AIHA

DEVESH AIHA

Documents

M/S DEVESH MEDITECH

M/S DEVESH MEDITECH

Documents

ICAR-IFPRI: Panel regression lecture 5 Devesh Roy

ICAR-IFPRI: Panel regression lecture 5 Devesh Roy

Education

TEL500-Voice Communications IVR using Speech Recognition in Asterisk Devesh Mendiratta

TEL500-Voice Communications IVR using Speech Recognition in Asterisk Devesh Mendiratta

Documents

ESSAYS ON TRADE AND DEVELOPMENT Devesh Roy - DRUM

ESSAYS ON TRADE AND DEVELOPMENT Devesh Roy - DRUM

Documents