Multiplex communications – Data flow congestion prevention or control – Control of data admission to the network
Reexamination Certificate
2008-09-12
2011-10-25
Jagannathan, Melanie (Department: 2468)
Multiplex communications
Data flow congestion prevention or control
Control of data admission to the network
C370S232000, C370S237000, C709S224000, C709S225000, C709S226000, C709S229000
Reexamination Certificate
active
08045464
ABSTRACT:
With the widespread adoption of SIP-based VoIP, understanding the characteristics of SIP traffic behavior is critical to problem diagnosis and security protection of VoIP services. A general methodology is provided for profiling SIP-based VoIP traffic behavior at several levels: SIP server host, server entity (e.g., registrar and call proxy) and individual user levels. Using SIP traffic traces captured in a production VoIP network, the characteristics of SIP-based VoIP traffic behavior in an operational environment is illustrated and the effectiveness of the general profiling methodology is demonstrated. In particular, the profiling methodology identifies anomalies due to performance problems and/or implementation flaws through a case study. The efficacy of the methodology in detecting potential VoIP attacks is also demonstrated through a test bed experimentation.
REFERENCES:
patent: 5835490 (1998-11-01), Park et al.
patent: 7441429 (2008-10-01), Nucci et al.
patent: 2004/0228352 (2004-11-01), Constantinof
patent: 2006/0087973 (2006-04-01), Huang
patent: 2007/0150950 (2007-06-01), Aaron et al.
patent: 2007/0180113 (2007-08-01), Van Bemmel
patent: 2007/0206579 (2007-09-01), Voith et al.
patent: 2007/0233896 (2007-10-01), Hilt et al.
patent: 2007/0255828 (2007-11-01), Paradise
patent: 2008/0016157 (2008-01-01), Sahraie et al.
U.S. Appl. No. 12/268,676, filed Nov. 11, 2008, Nucci et al.
U.S. Appl. No. 12/334,926, filed Dec. 15, 2009, Nucci et al.
Dantu, R. and Kolan, P. Detecting Spam in VoIP networks. Proceedings of USENIX, SRUTI '05: Steps for Reducing Unwanted Traffic on the Internet Workshop [online], Jul. 7, 2005 [retrieved on Aug. 28, 2009]. Retrieved from the Internet: <http://www.usenix.org/event/sruti05/tech/full—papers/dantu/dantu.pdf>, pp. 31-37.
Geneiatakis, D., et al. Novel Protecting Mechanism for SIP-Based Infrastructure against Malformed Message Attacks: Performance Evaluation Study. Proc. of the 5th International Conference on Communication Systems, Networks and Digital Signal Processing (CSNDSP'06) [online], Jul. 2006 [retrieved on Aug. 28, 2009]. Ret. from: <http://www.wcl.ee.upatras.gr/csndsp/CD/contents/Sessions/Presentations/A12%20-%20Internet%20atacks%20-anomaly%20detection/A12.4.PDF>, p. 261.
Geneiatakis, D., et al., “SIP Message Tampering: TheSQL Code Injection Attack,” in: Proc. of the 13th IEEE International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2005) (Split, Croatia, Sep. 2005), pp. 176-181.
Hickey, A.R., For VoIP, too many threats to count. SearchSecurity.com: Information Security News [online], Dec. 15, 2005 [retrieved on Dec. 21, 2006]. Retrieved from the Internet: <http://searchsecurity.techtarget.com/originalContent/0,289142,sid14—gci1153718,00.html?SEevlg65>.
McGann, S. and Sicker, D.C. “An Analysis of Security Threats and Tools in SIP-Based VoIP Systems.” in: 2nd Workshop on Securing Voice over IP (Washington DC, Jun. 1, 2005).
Reynolds, B. and Ghosal, D. Secure IP Telephony using Multi-Layered Protection. Proceedings of Network and Distributed System Security Symposium (NDSS'03) [online], Feb. 2003 [retrieved on Aug. 28, 2009]. Retrieved from the Internet: <http://www.isoc.org/isoc/conferences
dss/03/proceedings/papers/3.pdf>.
Reynolds, B. et al., “Vulnerability Analysis and A Security Architecture for IP Telephony,” in: IEEE GlobeCom Workshop on VoIP Security: Challenges and Solutions (Dallas TX, Dec. 3, 2004).
Rosenberg, J., et al. SIP: Session Initiation Protocol. Internet Engineering Task Force (IETF) RFC 3261 [online], Jun. 2002 [retrieved on Aug. 28, 2009]. Retrieved from the Internet: <www.ietf.org/rfc/rfc3261.txt>.
Wosnack, N. A Vonage VoIP 3-way call CID Spoofing Vulnerability. Hack Canada [online], Aug. 13, 2003 [retrieved on Aug. 28, 2009]. Retrieved from the Internet: <www.hackcanada.com/canadian/phreaking/voip-vonage-vulnerability.html>.
Wu, Y.S., et al, “SCIDIVE: A Stateful and Cross Protocol Intrusion Detection Architecture for Voice-over-IP Environments,” in: Proceedings of the 2004 International Conference on Dependable Systems and Networks (DSN'04) (Split, Croatia, Jun. 2004), pp. 433-442.
Pesch, D., et al.,“Performance evaluation of SIP-based multimedia services in UMTS,” Computer Networks: The International Journal of Computer and Telecommunications Networking vol. 49, No. 3 (Oct. 19, 2005), pp. 385-403.
Kang, H. J. et al., “SIP-based VoIP Traffic Behavior Profiling and Its Applications,” in: Proceedings of the 3rd annual ACM Workshop on Mining Network Data (San Diego CA, Jun. 12, 2007), pp. 39-44.
Nucci Antonio
Ranjan Supranamaya
Zhang Zhi-Li
Fernandez & Associates LLP
Jagannathan Melanie
Narus, Inc.
LandOfFree
SIP-based VoIP traffic behavior profiling method does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with SIP-based VoIP traffic behavior profiling method, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and SIP-based VoIP traffic behavior profiling method will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4287482