Dimitris Geneiatakis

Learn More
ne of the main challenges that telecommunication providers are facing is the convergence of data and voice networks. The idea of utilizing data networks for transmitting voice was originally proposed in 1970 [1], while the Internet evolution has pressed telecommunication providers and Internet Service Providers (ISPs) to transmit Voice over Internet(More)
Anomaly DDoS Detection DoS Flooding IMS Mitigation RTP Signature VoIP a b s t r a c t Session Initiation Protocol is a core protocol for coming real time communication networks, including VoIP, IMS and IPTV networks. Based on the open IP stack, it is similarly susceptible to Denial-of-Service Attacks launched against SIP servers. More than 20 different(More)
Voice over IP (VoIP) Flooding attacks Denial of Service Bloom filter Security a b s t r a c t Any application or service utilizing the Internet is exposed to both general Internet attacks and other specific ones. Most of the times the latter are exploiting a vulnerability or mis-configuration in the provided service and/or in the utilized protocol itself.(More)
The advent of Voice over IP (VoIP) has offered numerous advantages but, at the same time, it has introduced security threats not previously encountered in networks with a closed architecture like the Public Switch Telephone Networks (PSTN). One of these threats is that of signaling attacks. This paper examines the signaling attacks in VoIP environments(More)
Keywords: VoIP SIP Denial of Service Flooding protection Security Malformed messages DNS cache a b s t r a c t The emergence of Voice over IP (VoIP) has offered numerous advantages for end users and providers alike, but simultaneously has introduced security threats, vulnerabilities and attacks not previously encountered in networks with a closed(More)
DNS amplification attacks massively exploit open recursive DNS servers mainly for performing bandwidth consumption DDoS attacks. The amplification effect lies in the fact that DNS response messages may be substantially larger than DNS query messages. In this paper, we present and evaluate a novel and practical method that is able to distinguish between(More)
It is well known that no security mechanism can provide full protection against a potential attack. There is always a possibility that a security incident may happen, mainly as a result of a new or modified attack that the employed countermeasures cannot handle or identify. It is therefore useful to perform a deferred analysis of logged network data, in an(More)
This paper presents a framework that can be utilized for the protection of session initiation protocol (SIP)-based infra-structures from malformed message attacks. Its main characteristic is that it is lightweight and that it can be easily adapted to heterogeneous SIP implementations. The paper analyzes several real-life attacks on VoIP services and(More)
The commercial deployment of VoIP necessitates the employment of security mechanisms that can assure availability, reliability, confidentiality and integrity. The Session Initiation Protocol (SIP) is considered as the dominant signalling protocol for calls over the Internet. SIP, like other Internet protocols, is vulnerable to known Internet attacks, while(More)