Please use this identifier to cite or link to this item: https://repository.cihe.edu.hk/jspui/handle/cihe/1271
Title: Architecture and performance evaluation of a hybrid intrusion detection system for IP telephony
Author(s): Chan, Anthony Hing-Hung 
Author(s): Barry, B. I. A.
Issue Date: 2013
Publisher: Wiley
Journal: Security and Communication Networks 
Volume: 6
Issue: 12
Start page: 1539
End page: 1555
Abstract: 
Convergence in networks and applications enables carrying voice, video, and other data on the same IP-based infrastructure, and provides various services related to these kinds of data in a unified way. Such a scheme benefits businesses substantially, considering the lower cost of building and managing a single network infrastructure instead of two separate ones. However, the same scheme poses serious threats to security solutions in general, and intrusion detection systems (IDSs) in particular. Inherited flaws and vulnerabilities in TCP/IP protocols at lower layers make voice susceptible to risks it has never been subjected to before in public switched telephone networks (PSTNs). Signaling and data delivery protocols at the application layer have their weaknesses too, which make breaching of confidentiality and integrity relatively easy. In this paper, we present the design and implementation of a hybrid, host-based intrusion detection system that is suitable for converged environments. Our design is unique in terms of providing an efficient combination of specification-based and signature-based detection techniques. Specification-based and signature-based detection modules provide solid awareness of the semantics as well as the syntax of the protocols involved. Our solution goes beyond addressing the issues of application layer protocols to address transport and network layer protocols as well in a unified way. The feasibility of our design is proven through the excellent detection accuracy and reasonable performance evaluation figures we get from our experiment.
URI: https://repository.cihe.edu.hk/jspui/handle/cihe/1271
DOI: 10.1002/sec.174
CIHE Affiliated Publication: No
Appears in Collections: CIS Publication

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.