Author
Vinita Apte, Yu-Sung Wu, Saurabh Bagchi, Sachin Garg, Navjot Singh
Abstract
Voice over IP (VoIP) systems are gaining in popularity as the technology for transmitting voice traffic over IP networks. As
the popularity of VoIP systems increases, they are being subjected to different kinds of intrusions some of which are specific
to such systems and some which follow a general pattern of IP attacks. VoIP systems pose several new challenges to
Intrusion Detection System (IDS) designers. First, these systems employ multiple protocols for call management (e.g., SIP)
and data delivery (e.g., RTP). Second, the systems are distributed in nature and employ distributed clients, servers and
proxies. Third, the attacks to such systems span a large class, from denial of service to billing fraud attacks. Finally, the
systems are heterogeneous, have soft real time requirements, and are typically under several different administrative domains.
In this paper, we propose the design of an intrusion detection system targeted to VoIP systems, called SPACEDIVE.
SPACEDIVE is structured to detect different classes of intrusions, including, masquerading, denial of service, and media
stream-based attacks. It can be installed at multiple points