Change-Point Detection for Voice over IP Denial of Service Attacks
Conference: KiVS 2007 - Kommunikation in Verteilten Systemen - 15. ITG/GI-Fachtagung
02/26/2007 - 03/02/2007 at Bern, Schweiz
Proceedings: KiVS 2007
Pages: 7Language: englishTyp: PDFPersonal VDE Members are entitled to a 10% discount on this title
Rebahi, Yacine (Fraunhofer Institut, Kaiserin Augusta Allee 31, 10589 Berlin, Germany)
Sisalem, Dorgham (Tekelec, Borsigturm 11, 13507 Berlin, Germany)
This paper describes the use of the nonparametric Cumulative Sums (CUSUM) algorithm for detecting flooding attacks against SIP infrastructures. The efficiency of this detection mechanism is validated using trace-driven simulations. Using an appropriate function, the nonparametric CUSUM equations are transformed to some parametric CUSUM equations for a Poisson model. This allowed us to verify the accuracy of the results provided by the experiments.