Distributed intrusion detection scheme for next generation networks

Distributed intrusion detection scheme for next generation networks

IP Multimedia Subsystem (IMS) is a next generation network that provides the hypermedia services as data, voice and video to users. Due to high level requirements for IMS services, new kinds of network attacks are endlessly emerging. Thus, it is of paramount importance to protect the networks from a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of network and computer applications 2019-12, Vol.147, p.102422, Article 102422
Hauptverfasser: Manan, Jamila, Ahmed, Atiq, Ullah, Ihsan, Merghem-Boulahia, Leïla, Gaïti, Dominique
Format: Artikel
Sprache:eng
Schlagworte:
Computer Science
DDoS attacks
Intrusion detection system
Multi-agent systems
Networking and Internet Architecture
SIP flooding
SNORT
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page 102422
container_title Journal of network and computer applications
container_volume 147
creator Manan, Jamila
Ahmed, Atiq
Ullah, Ihsan
Merghem-Boulahia, Leïla
Gaïti, Dominique
description IP Multimedia Subsystem (IMS) is a next generation network that provides the hypermedia services as data, voice and video to users. Due to high level requirements for IMS services, new kinds of network attacks are endlessly emerging. Thus, it is of paramount importance to protect the networks from attacks. Consequently, the Intrusion Detection Systems (IDS) are quickly becoming a popular requirement in building a network security infrastructure. Securing service and signalization is a vital feature in the IMS network. Signaling is generally based on Session Initiation Protocol (SIP) which offers numerous challenges regarding security which causes issues in IMS network. This work presents a study of SIP protocol and discovers the critical security vulnerabilities in the course of registration phase. We focused on DDoS attacks on IMS server using SIP particularly with REGISTER message and proposed a scheme based on multi agent systems for intrusion detection which takes the advantage of the distributed paradigm to implement an efficient distributed system, as well as the integration of existing techniques, i.e., the well-known IDS SNORT.
doi_str_mv 10.1016/j.jnca.2019.102422
format Article
fullrecord <record><control><sourceid>elsevier_hal_p</sourceid><recordid>TN_cdi_hal_primary_oai_HAL_hal_02272576v1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S1084804519302747</els_id><sourcerecordid>S1084804519302747</sourcerecordid><originalsourceid>FETCH-LOGICAL-c334t-2798f191c21f4314e42e44ee47b146b158e065334b2170cd3e371774bf18a0703</originalsourceid><addsrcrecordid>eNp9kM1OwzAQhC0EEqXwApxy5ZDgtZ04kbhU5adIlbjA2XKcDXVoHWS7Bd6ehCCOnHY0O7PSfoRcAs2AQnHdZZ0zOmMUqsFggrEjMgNa5WmZV-x41KVISyryU3IWQkcpLUTFZ2R5a0P0tt5HbBLrot8H27ukwYgmjiqYDe4waXufOPyMySs69Ppn5TB-9P4tnJOTVm8DXvzOOXm5v3tertL108PjcrFODecipkxWZQsVGAat4CBQMBQCUcgaRFFDXiIt8iFaM5DUNBy5BClF3UKpqaR8Tq6muxu9Ve_e7rT_Ur22arVYq9GjjEmWy-IAQ5ZNWeP7EDy2fwWgakSmOjUiUyMyNSEbSjdTCYcvDha9CsaiM9hYP-BQTW__q38DmrdzYA</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Distributed intrusion detection scheme for next generation networks</title><source>Elsevier ScienceDirect Journals Complete</source><creator>Manan, Jamila ; Ahmed, Atiq ; Ullah, Ihsan ; Merghem-Boulahia, Leïla ; Gaïti, Dominique</creator><creatorcontrib>Manan, Jamila ; Ahmed, Atiq ; Ullah, Ihsan ; Merghem-Boulahia, Leïla ; Gaïti, Dominique</creatorcontrib><description>IP Multimedia Subsystem (IMS) is a next generation network that provides the hypermedia services as data, voice and video to users. Due to high level requirements for IMS services, new kinds of network attacks are endlessly emerging. Thus, it is of paramount importance to protect the networks from attacks. Consequently, the Intrusion Detection Systems (IDS) are quickly becoming a popular requirement in building a network security infrastructure. Securing service and signalization is a vital feature in the IMS network. Signaling is generally based on Session Initiation Protocol (SIP) which offers numerous challenges regarding security which causes issues in IMS network. This work presents a study of SIP protocol and discovers the critical security vulnerabilities in the course of registration phase. We focused on DDoS attacks on IMS server using SIP particularly with REGISTER message and proposed a scheme based on multi agent systems for intrusion detection which takes the advantage of the distributed paradigm to implement an efficient distributed system, as well as the integration of existing techniques, i.e., the well-known IDS SNORT.</description><identifier>ISSN: 1084-8045</identifier><identifier>EISSN: 1095-8592</identifier><identifier>DOI: 10.1016/j.jnca.2019.102422</identifier><language>eng</language><publisher>Elsevier Ltd</publisher><subject>Computer Science ; DDoS attacks ; Intrusion detection system ; Multi-agent systems ; Networking and Internet Architecture ; SIP flooding ; SNORT</subject><ispartof>Journal of network and computer applications, 2019-12, Vol.147, p.102422, Article 102422</ispartof><rights>2019 Elsevier Ltd</rights><rights>Distributed under a Creative Commons Attribution 4.0 International License</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c334t-2798f191c21f4314e42e44ee47b146b158e065334b2170cd3e371774bf18a0703</citedby><cites>FETCH-LOGICAL-c334t-2798f191c21f4314e42e44ee47b146b158e065334b2170cd3e371774bf18a0703</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://dx.doi.org/10.1016/j.jnca.2019.102422$$EHTML$$P50$$Gelsevier$$H</linktohtml><link.rule.ids>230,314,780,784,885,3550,27924,27925,45995</link.rule.ids><backlink>$$Uhttps://utt.hal.science/hal-02272576$$DView record in HAL$$Hfree_for_read</backlink></links><search><creatorcontrib>Manan, Jamila</creatorcontrib><creatorcontrib>Ahmed, Atiq</creatorcontrib><creatorcontrib>Ullah, Ihsan</creatorcontrib><creatorcontrib>Merghem-Boulahia, Leïla</creatorcontrib><creatorcontrib>Gaïti, Dominique</creatorcontrib><title>Distributed intrusion detection scheme for next generation networks</title><title>Journal of network and computer applications</title><description>IP Multimedia Subsystem (IMS) is a next generation network that provides the hypermedia services as data, voice and video to users. Due to high level requirements for IMS services, new kinds of network attacks are endlessly emerging. Thus, it is of paramount importance to protect the networks from attacks. Consequently, the Intrusion Detection Systems (IDS) are quickly becoming a popular requirement in building a network security infrastructure. Securing service and signalization is a vital feature in the IMS network. Signaling is generally based on Session Initiation Protocol (SIP) which offers numerous challenges regarding security which causes issues in IMS network. This work presents a study of SIP protocol and discovers the critical security vulnerabilities in the course of registration phase. We focused on DDoS attacks on IMS server using SIP particularly with REGISTER message and proposed a scheme based on multi agent systems for intrusion detection which takes the advantage of the distributed paradigm to implement an efficient distributed system, as well as the integration of existing techniques, i.e., the well-known IDS SNORT.</description><subject>Computer Science</subject><subject>DDoS attacks</subject><subject>Intrusion detection system</subject><subject>Multi-agent systems</subject><subject>Networking and Internet Architecture</subject><subject>SIP flooding</subject><subject>SNORT</subject><issn>1084-8045</issn><issn>1095-8592</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><recordid>eNp9kM1OwzAQhC0EEqXwApxy5ZDgtZ04kbhU5adIlbjA2XKcDXVoHWS7Bd6ehCCOnHY0O7PSfoRcAs2AQnHdZZ0zOmMUqsFggrEjMgNa5WmZV-x41KVISyryU3IWQkcpLUTFZ2R5a0P0tt5HbBLrot8H27ukwYgmjiqYDe4waXufOPyMySs69Ppn5TB-9P4tnJOTVm8DXvzOOXm5v3tertL108PjcrFODecipkxWZQsVGAat4CBQMBQCUcgaRFFDXiIt8iFaM5DUNBy5BClF3UKpqaR8Tq6muxu9Ve_e7rT_Ur22arVYq9GjjEmWy-IAQ5ZNWeP7EDy2fwWgakSmOjUiUyMyNSEbSjdTCYcvDha9CsaiM9hYP-BQTW__q38DmrdzYA</recordid><startdate>20191201</startdate><enddate>20191201</enddate><creator>Manan, Jamila</creator><creator>Ahmed, Atiq</creator><creator>Ullah, Ihsan</creator><creator>Merghem-Boulahia, Leïla</creator><creator>Gaïti, Dominique</creator><general>Elsevier Ltd</general><general>Elsevier</general><scope>AAYXX</scope><scope>CITATION</scope><scope>1XC</scope></search><sort><creationdate>20191201</creationdate><title>Distributed intrusion detection scheme for next generation networks</title><author>Manan, Jamila ; Ahmed, Atiq ; Ullah, Ihsan ; Merghem-Boulahia, Leïla ; Gaïti, Dominique</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c334t-2798f191c21f4314e42e44ee47b146b158e065334b2170cd3e371774bf18a0703</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Computer Science</topic><topic>DDoS attacks</topic><topic>Intrusion detection system</topic><topic>Multi-agent systems</topic><topic>Networking and Internet Architecture</topic><topic>SIP flooding</topic><topic>SNORT</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Manan, Jamila</creatorcontrib><creatorcontrib>Ahmed, Atiq</creatorcontrib><creatorcontrib>Ullah, Ihsan</creatorcontrib><creatorcontrib>Merghem-Boulahia, Leïla</creatorcontrib><creatorcontrib>Gaïti, Dominique</creatorcontrib><collection>CrossRef</collection><collection>Hyper Article en Ligne (HAL)</collection><jtitle>Journal of network and computer applications</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Manan, Jamila</au><au>Ahmed, Atiq</au><au>Ullah, Ihsan</au><au>Merghem-Boulahia, Leïla</au><au>Gaïti, Dominique</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Distributed intrusion detection scheme for next generation networks</atitle><jtitle>Journal of network and computer applications</jtitle><date>2019-12-01</date><risdate>2019</risdate><volume>147</volume><spage>102422</spage><pages>102422-</pages><artnum>102422</artnum><issn>1084-8045</issn><eissn>1095-8592</eissn><abstract>IP Multimedia Subsystem (IMS) is a next generation network that provides the hypermedia services as data, voice and video to users. Due to high level requirements for IMS services, new kinds of network attacks are endlessly emerging. Thus, it is of paramount importance to protect the networks from attacks. Consequently, the Intrusion Detection Systems (IDS) are quickly becoming a popular requirement in building a network security infrastructure. Securing service and signalization is a vital feature in the IMS network. Signaling is generally based on Session Initiation Protocol (SIP) which offers numerous challenges regarding security which causes issues in IMS network. This work presents a study of SIP protocol and discovers the critical security vulnerabilities in the course of registration phase. We focused on DDoS attacks on IMS server using SIP particularly with REGISTER message and proposed a scheme based on multi agent systems for intrusion detection which takes the advantage of the distributed paradigm to implement an efficient distributed system, as well as the integration of existing techniques, i.e., the well-known IDS SNORT.</abstract><pub>Elsevier Ltd</pub><doi>10.1016/j.jnca.2019.102422</doi></addata></record>
fulltext fulltext
identifier ISSN: 1084-8045
ispartof Journal of network and computer applications, 2019-12, Vol.147, p.102422, Article 102422
issn 1084-8045
1095-8592
language eng
recordid cdi_hal_primary_oai_HAL_hal_02272576v1
source Elsevier ScienceDirect Journals Complete
subjects Computer Science
DDoS attacks
Intrusion detection system
Multi-agent systems
Networking and Internet Architecture
SIP flooding
SNORT
title Distributed intrusion detection scheme for next generation networks
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-28T12%3A50%3A04IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-elsevier_hal_p&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Distributed%20intrusion%20detection%20scheme%20for%20next%20generation%20networks&rft.jtitle=Journal%20of%20network%20and%20computer%20applications&rft.au=Manan,%20Jamila&rft.date=2019-12-01&rft.volume=147&rft.spage=102422&rft.pages=102422-&rft.artnum=102422&rft.issn=1084-8045&rft.eissn=1095-8592&rft_id=info:doi/10.1016/j.jnca.2019.102422&rft_dat=%3Celsevier_hal_p%3ES1084804519302747%3C/elsevier_hal_p%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_els_id=S1084804519302747&rfr_iscdi=true