University of Hertfordshire

By the same authors

SIPchain: SIP Defense Cluster with Blockchain

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Documents

View graph of relations
Original languageEnglish
Title of host publicationIPTComm 2019: Principles, Systems and Applications of IP Telecommunications
PublisherIEEE
Number of pages8
ISBN (Electronic)9781728142012
ISBN (Print)9781728142029
DOIs
Publication statusPublished - 5 Dec 2019

Abstract

The Session Initiation Protocol (SIP) is an application-layer control protocol for creating, modifying, and terminating Voice/Video over IP sessions. While deployed globally to facilitate multimedia communications, SIP is subject to various attacks. The defense against SIP attacks, however, often lack expertise due to the limited resources within the organization. When there is a large footprint of SIP systems, scaling and keeping up SIP defense becomes crucial in safeguarding these systems. This paper proposes SIPchain, a distributed SIP defense cluster system that leverages Blockchain technology as a distributed, highly-available, and permanent ledger of Indicator of Compromise (IOC). Each node in this cluster is a sensor and shares attack intelligence with other nodes via Blockchain. Each node reads information from the Blockchain and implements the appropriate firewall rule based on this information. This approach scales the defense because each node can leverage the actionable intelligence provided by other nodes and does not have to perform detection on their own. Experiments have been performed using a cluster of three SIP nodes in three different countries (US, UK, and Singapore) and the Ethereum Blockchain network. The result shows that when a node detected an attack, it produced and stored the IOC information at the Ethererum. Fellow SIP nodes retrieved this information, implemented firewall rule based on this information, and were proactively prepared when the same attack was launched against them. This SIPchain approach scales the SIP defense effort by utilizing Blockchain technology to secure the ever-growing footprint of SIP systems within the organization.

ID: 17369813