Please use this identifier to cite or link to this item:
|Title:||Architecture and performance evaluation of a hybrid intrusion detection system for IP telephony||Author(s):||Chan, Anthony Hing-Hung||Author(s):||Barry, B. I. A.||Issue Date:||2013||Publisher:||Wiley||Journal:||Security and Communication Networks||Volume:||6||Issue:||12||Start page:||1539||End page:||1555||Abstract:||
Convergence in networks and applications enables carrying voice, video, and other data on the same IP-based infrastructure, and provides various services related to these kinds of data in a unified way. Such a scheme benefits businesses substantially considering the lesser cost of building and managing a single network infrastructure instead of two separate ones. However, the same scheme poses serious threats to security solutions in general, and intrusion detection systems (IDSs) in particular. Inherited flaws and vulnerabilities in TCP/IP protocols at lower layers make voice susceptible to risks it has never been subjected to before in public switched telephone networks (PSTNs). Signaling and data delivery protocols at application layer have their weaknesses too which make breaching of confidentiality and integrity relatively easy. In this paper, we present the design and implementation of a hybrid, host-based intrusion detection system that is suitable for converged environments. Our design is unique in terms of providing an efficient combination of specification-based and signature-based detection techniques. Specification-based and signature-based detection modules provide solid awareness of the semantics as well as the syntax of the protocols involved. Our solution goes beyond addressing the issues of application layer protocols to address transport and network layer protocols as well in a unified way. The feasibility of our design is proven through the excellent detection accuracy and reasonable performance evaluation figures we get from our experiment.
|URI:||https://repository.cihe.edu.hk/jspui/handle/cihe/1271||DOI:||10.1002/sec.174||CIHE Affiliated Publication:||No|
|Appears in Collections:||CIS Publication|
Show full item record
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.