University of Hertfordshire

By the same authors

SIPchain: SIP Defense Cluster with Blockchain

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Standard

SIPchain: SIP Defense Cluster with Blockchain. / Febro, Aldo; Xiao, Hannan; Spring, William Joseph.

IPTComm 2019: Principles, Systems and Applications of IP Telecommunications. IEEE, 2019.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harvard

Febro, A, Xiao, H & Spring, WJ 2019, SIPchain: SIP Defense Cluster with Blockchain. in IPTComm 2019: Principles, Systems and Applications of IP Telecommunications. IEEE. https://doi.org/10.1109/IPTCOMM.2019.8920874

APA

Febro, A., Xiao, H., & Spring, W. J. (2019). SIPchain: SIP Defense Cluster with Blockchain. In IPTComm 2019: Principles, Systems and Applications of IP Telecommunications IEEE. https://doi.org/10.1109/IPTCOMM.2019.8920874

Vancouver

Febro A, Xiao H, Spring WJ. SIPchain: SIP Defense Cluster with Blockchain. In IPTComm 2019: Principles, Systems and Applications of IP Telecommunications. IEEE. 2019 https://doi.org/10.1109/IPTCOMM.2019.8920874

Author

Febro, Aldo ; Xiao, Hannan ; Spring, William Joseph. / SIPchain: SIP Defense Cluster with Blockchain. IPTComm 2019: Principles, Systems and Applications of IP Telecommunications. IEEE, 2019.

Bibtex

@inproceedings{c56b85a44a8c4a728e1e5dba628ff2af,
title = "SIPchain: SIP Defense Cluster with Blockchain",
abstract = "The Session Initiation Protocol (SIP) is an application-layer control protocol for creating, modifying, and terminating Voice/Video over IP sessions. While deployed globally to facilitate multimedia communications, SIP is subject to various attacks. The defense against SIP attacks, however, often lack expertise due to the limited resources within the organization. When there is a large footprint of SIP systems, scaling and keeping up SIP defense becomes crucial in safeguarding these systems. This paper proposes SIPchain, a distributed SIP defense cluster system that leverages Blockchain technology as a distributed, highly-available, and permanent ledger of Indicator of Compromise (IOC). Each node in this cluster is a sensor and shares attack intelligence with other nodes via Blockchain. Each node reads information from the Blockchain and implements the appropriate firewall rule based on this information. This approach scales the defense because each node can leverage the actionable intelligence provided by other nodes and does not have to perform detection on their own. Experiments have been performed using a cluster of three SIP nodes in three different countries (US, UK, and Singapore) and the Ethereum Blockchain network. The result shows that when a node detected an attack, it produced and stored the IOC information at the Ethererum. Fellow SIP nodes retrieved this information, implemented firewall rule based on this information, and were proactively prepared when the same attack was launched against them. This SIPchain approach scales the SIP defense effort by utilizing Blockchain technology to secure the ever-growing footprint of SIP systems within the organization.",
author = "Aldo Febro and Hannan Xiao and Spring, {William Joseph}",
year = "2019",
month = dec,
day = "5",
doi = "10.1109/IPTCOMM.2019.8920874",
language = "English",
isbn = "9781728142029",
booktitle = "IPTComm 2019: Principles, Systems and Applications of IP Telecommunications",
publisher = "IEEE",

}

RIS

TY - GEN

T1 - SIPchain: SIP Defense Cluster with Blockchain

AU - Febro, Aldo

AU - Xiao, Hannan

AU - Spring, William Joseph

PY - 2019/12/5

Y1 - 2019/12/5

N2 - The Session Initiation Protocol (SIP) is an application-layer control protocol for creating, modifying, and terminating Voice/Video over IP sessions. While deployed globally to facilitate multimedia communications, SIP is subject to various attacks. The defense against SIP attacks, however, often lack expertise due to the limited resources within the organization. When there is a large footprint of SIP systems, scaling and keeping up SIP defense becomes crucial in safeguarding these systems. This paper proposes SIPchain, a distributed SIP defense cluster system that leverages Blockchain technology as a distributed, highly-available, and permanent ledger of Indicator of Compromise (IOC). Each node in this cluster is a sensor and shares attack intelligence with other nodes via Blockchain. Each node reads information from the Blockchain and implements the appropriate firewall rule based on this information. This approach scales the defense because each node can leverage the actionable intelligence provided by other nodes and does not have to perform detection on their own. Experiments have been performed using a cluster of three SIP nodes in three different countries (US, UK, and Singapore) and the Ethereum Blockchain network. The result shows that when a node detected an attack, it produced and stored the IOC information at the Ethererum. Fellow SIP nodes retrieved this information, implemented firewall rule based on this information, and were proactively prepared when the same attack was launched against them. This SIPchain approach scales the SIP defense effort by utilizing Blockchain technology to secure the ever-growing footprint of SIP systems within the organization.

AB - The Session Initiation Protocol (SIP) is an application-layer control protocol for creating, modifying, and terminating Voice/Video over IP sessions. While deployed globally to facilitate multimedia communications, SIP is subject to various attacks. The defense against SIP attacks, however, often lack expertise due to the limited resources within the organization. When there is a large footprint of SIP systems, scaling and keeping up SIP defense becomes crucial in safeguarding these systems. This paper proposes SIPchain, a distributed SIP defense cluster system that leverages Blockchain technology as a distributed, highly-available, and permanent ledger of Indicator of Compromise (IOC). Each node in this cluster is a sensor and shares attack intelligence with other nodes via Blockchain. Each node reads information from the Blockchain and implements the appropriate firewall rule based on this information. This approach scales the defense because each node can leverage the actionable intelligence provided by other nodes and does not have to perform detection on their own. Experiments have been performed using a cluster of three SIP nodes in three different countries (US, UK, and Singapore) and the Ethereum Blockchain network. The result shows that when a node detected an attack, it produced and stored the IOC information at the Ethererum. Fellow SIP nodes retrieved this information, implemented firewall rule based on this information, and were proactively prepared when the same attack was launched against them. This SIPchain approach scales the SIP defense effort by utilizing Blockchain technology to secure the ever-growing footprint of SIP systems within the organization.

U2 - 10.1109/IPTCOMM.2019.8920874

DO - 10.1109/IPTCOMM.2019.8920874

M3 - Conference contribution

SN - 9781728142029

BT - IPTComm 2019: Principles, Systems and Applications of IP Telecommunications

PB - IEEE

ER -