TEL500-Voice Communications SIP-based VoIP Traffic Behavior Profiling and Its Application Devesh Mendiratta & Sameer Deshmukh MS-Telecommunication State University of New York Institute of Technology

Upload: beverly-mckenzie

Post on 03-Jan-2016


TEL500-Voice Communications

SIP-based VoIP Traffic Behavior Profiling and Its Application

Devesh Mendiratta & Sameer Deshmukh

MS-Telecommunication

State University of New York Institute of Technology


Introduction to Paper

SIP-based VoIP traffic behavior at levels like:

SIP server entity

SIP server host

Individual user level

Security of VoIP: attacks & vulnerabilities

Paper claims: little research as of now

1st attempt to understand SIP traffic behavior for attack detection


Outline

SIP Overview

Identifying SIP Servers

Profiling SIP Server & User Behaviors

Characteristics of Behavior

Applications

Conclusion


SIP-Based VoIP Service

SIP servers and clients

SIP REGISTER

Call Proxy

Request-Response

Method field

FROM and TO fields


Identifying IP Address

Observation of SIP servers:

Large no. of SIP messages

Large no. of distinct FROM and TO fields


Profiling SIP Server Behaviors

Multilevel Profiling

Three levels:

Server host level: maintain only aggregate features and metrics by examining only the message types into and out of a SIP server

Server entity level: separate the role of a SIP server into registrar and call proxy

User level: attribute the SIP messages to individual users and maintain statistics and features to characterize individual user behaviors


Server Host Level Characterization

Count the number of request and response messages received and sent by each SIP server over a given period of time T

Count the number of unique users seen in the FROM and TO fields of SIP request messages, and compute an aggregate user activity diversity from the distribution of data over T
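
An added example (not from the slides or the paper) of the server-host-level counting described above: it tallies request and response messages into and out of each host over one window T, counts distinct FROM and TO users in requests, and summarizes them with a diversity score. Normalized Shannon entropy is an assumed definition of the diversity metric, and the addresses, user names and the example.test domain are constructed.

```python
import math
import re
from collections import Counter, defaultdict

HDR = re.compile(r"^(From|To|f|t)\s*:.*?<?(sips?:[^>;\s]+)", re.I | re.M)
KEYS = ("req_in", "req_out", "resp_in", "resp_out")

def parse(raw):
    """Return (is_request, from_uri, to_uri) for one raw SIP message."""
    is_request = not raw.startswith("SIP/2.0 ")  # responses start with the version
    uris = {name[0].lower(): uri.lower() for name, uri in HDR.findall(raw)}
    return is_request, uris.get("f"), uris.get("t")

def diversity(counts):
    """Normalized Shannon entropy in [0, 1]; an assumed definition of the metric."""
    n, m = sum(counts.values()), len(counts)
    h = -sum(c / n * math.log(c / n) for c in counts.values())
    return h / math.log(m) if m > 1 else 0.0

def profile(window):
    """Server-host-level features for one window T of (src_ip, dst_ip, raw) tuples."""
    msgs = defaultdict(Counter)  # ip -> message counts by direction
    users = defaultdict(lambda: (Counter(), Counter()))  # ip -> (FROM, TO) user counts
    for src, dst, raw in window:
        is_request, frm, to = parse(raw)
        kind = "req" if is_request else "resp"
        msgs[src][kind + "_out"] += 1
        msgs[dst][kind + "_in"] += 1
        if is_request and frm and to:  # users are taken from request messages only
            for ip in (src, dst):
                users[ip][0][frm] += 1
                users[ip][1][to] += 1
    return {ip: {**{k: msgs[ip][k] for k in KEYS},
                 "from_users": len(users[ip][0]), "to_users": len(users[ip][1]),
                 "from_diversity": diversity(users[ip][0]),
                 "to_diversity": diversity(users[ip][1])} for ip in msgs}

def sip(start_line, frm, to):  # builds a constructed message; example.test is a placeholder
    return (f"{start_line}\r\nFrom: <sip:{frm}@example.test>;tag=1\r\n"
            f"To: <sip:{to}@example.test>\r\n\r\n")

SERVER, A, B = "10.0.0.1", "10.0.0.11", "10.0.0.12"  # constructed addresses
REG, INV, OK = "REGISTER sip:example.test SIP/2.0", "INVITE sip:bob@example.test SIP/2.0", "SIP/2.0 200 OK"
SAMPLE = [  # constructed window: two registrations and one proxied call
    (A, SERVER, sip(REG, "alice", "alice")), (SERVER, A, sip(OK, "alice", "alice")),
    (B, SERVER, sip(REG, "bob", "bob")), (SERVER, B, sip(OK, "bob", "bob")),
    (A, SERVER, sip(INV, "alice", "bob")), (SERVER, B, sip(INV, "alice", "bob")),
    (B, SERVER, sip(OK, "alice", "bob")), (SERVER, A, sip(OK, "alice", "bob")),
]
```

Calling profile(SAMPLE) returns one feature dictionary per IP address; the host with the most messages and the most distinct FROM and TO users is the SIP server candidate.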


Overall Server Level Characteristics

No. of message types

User activity diversity (metric)


Registrar Behavior Characteristics

Period of registration updates

Request inter-arrival times


Call Proxy/User Call Behavior Characteristics

Calls made vs. received

Call types


Applications


Conclusion

VoIP traffic consists of stable characteristics

Well captured by the statistics & features of the profile we use

Profiling: to help with attack detection


Thank You

Any Questions Undergrad ???