[Home ]   [ فارسی ]  
Main Menu
About::
Faculty Members::
People::
Academics::
Facilities::
Contacts::
Defenses::
Research Area::
::
Search in website

Advanced Search
..
Receive site information
Enter your email in the following box to receive the site news and information.
..
Contact Us

AWT IMAGE 

Postal Address:

Computer Engineering School

Iran University of Science

and Technology
University Road, Hengam Street

, Resalat Square, Narmak, Tehran, Iran,
Zip Code: 16846-13114
Tel: +98 (21) 73225300 

       +98 (21) 77225301

Fax: +98 (21) 73225322

email:

cesecretary-at-iust.ac.ir

..
:: Hassan Asgharian ::
 | Post date: 2016/02/15 | 

AWT IMAGE

  Mr Hassan Asgharian is going to defense his Phd thesis on “Security Framework for Intrusion Detection and Automated Response in SIP based Applications” on wednsday Feb. 17, 2016. The session will be held in Phd defense hall, Computer Engineering Department, Iran University of Science and Technology, Tehran, Iran.

Thesis Abstract

Session Initiation Protocol (SIP) is the main control protocol of multimedia networks that is used as the signaling protocol in Next Generation Networks (NGN). It is a text-based stateful protocol which looks like the HTTP protocol. It manages the transactions in its specific multi-layer architecture over the application layer. The results of previous researches on the SIP attacks show that the root cause of more than 98 percent of these attacks is implementation problems and misconfigurations. New advances in multimedia and broadband communication networks make it possible to define software based services, but the security issues of control protocols in these multimedia clouds has been received proper attentions. Therefore, we present a security framework for intrusion detection and automated response selection on SIP based platforms. We employ the feature engineering approach to generate suitable features for anomaly detection systems. Feature engineering is the process of using domain knowledge of raw data and transforming them into features that best represent the security issues to the machine learning algorithms, resulting in improved model accuracy on unseen data. For this purpose, after analyzing the normal behavior of SIP entities, raw information of SIP header fields that may be used in features are extracted. We objectively estimate the usefulness of features and construct the feature set for using in SIP anomaly detection systems. We also categorize the different flooding attacks in SIP and construct four different feature sets for detecting these attack classes. The experimental results show the performance of proposed feature sets in terms of detection and false alarm rate. Finally, we complete our security framework by adding SIP specific automatic intrusion response module. It is done by the development of an application layer firewall and an automatic response selection engine. The final response is selected from the nominated responses by considering the runtime conditions in addition to the output alarm of detection engine. The results of the performance assessment of the proposed framework on available datasets show the proper function of the security framework in intrusion prevention. Since there is no benchmark data for SIP-based security system assessment, we also provide a real testbed based on the well-known open source applications to generate new and complex attack scenarios.

Keywords: SIP security, SIP flooding attacks, specification based intrusion detection system, automated intrusion response system

 

Session Details:   

Phd cadidate: Hassan Asgharian

Supervisor: Dr. Ahmad Akbari

Advisor:

Dr. Bijan Raahemi

Jury Committee: Dr.Fathy, Dr. Seyed Vahid Azhari, Dr. Kabiri, Dr. Pedram, Dr. Malekiyan

Time: Location: 09:30 AM, wednsday Feb. 17, 2016, Phd defense hall, Computer Engineering Department, Iran University of Science and Technology, Tehran, Iran

View: 1135 Time(s)   |   Print: 352 Time(s)   |   Email: 0 Time(s)   |   0 Comment(s)
Related topics Related topics Print version Print version Send to friends Send to friends
School of Computer Engineering
Persian site map - English site map - Created in 0.146 seconds with 936 queries by yektaweb 3506