Visible to the public Biblio

Filters: Keyword is session initiation protocol  [Clear All Filters]
2018-01-16
Yamacc, M., Sankur, B., Cemgil, A. T..  2017.  Malicious users discrimination in organizec attacks using structured sparsity. 2017 25th European Signal Processing Conference (EUSIPCO). :266–270.

Communication networks can be the targets of organized and distributed attacks such as flooding-type DDOS attack in which malicious users aim to cripple a network server or a network domain. For the attack to have a major effect on the network, malicious users must act in a coordinated and time correlated manner. For instance, the members of the flooding attack increase their message transmission rates rapidly but also synchronously. Even though detection and prevention of the flooding attacks are well studied at network and transport layers, the emergence and wide deployment of new systems such as VoIP (Voice over IP) have turned flooding attacks at the session layer into a new defense challenge. In this study a structured sparsity based group anomaly detection system is proposed that not only can detect synchronized attacks, but also identify the malicious groups from normal users by jointly estimating their members, structure, starting and end points. Although we mainly focus on security on SIP (Session Initiation Protocol) servers/proxies which are widely used for signaling in VoIP systems, the proposed scheme can be easily adapted for any type of communication network system at any layer.

2017-11-20
Reddy, Alavalapati Goutham, Yoon, Eun-Jun, Das, Ashok Kumar, Yoo, Kee-Young.  2016.  An Enhanced Anonymous Two-factor Mutual Authentication with Key-agreement Scheme for Session Initiation Protocol. Proceedings of the 9th International Conference on Security of Information and Networks. :145–149.

A two-factor authenticated key-agreement scheme for session initiation protocol emerged as a best remedy to overcome the ascribed limitations of the password-based authentication scheme. Recently, Lu et al. proposed an anonymous two-factor authenticated key-agreement scheme for SIP using elliptic curve cryptography. They claimed that their scheme is secure against attacks and achieves user anonymity. Conversely, this paper's keen analysis points out several severe security weaknesses of the Lu et al.'s scheme. In addition, this paper puts forward an enhanced anonymous two-factor mutual authenticated key-agreement scheme for session initiation protocol using elliptic curve cryptography. The security analysis and performance analysis sections demonstrates that the proposed scheme is more robust and efficient than Lu et al.'s scheme.