skip to main content
10.1145/1595637.1595645acmconferencesArticle/Chapter ViewAbstractPublication PagesiptcommConference Proceedingsconference-collections
research-article

Using game theory to configure P2P SIP

Published: 07 July 2009 Publication History

Abstract

In this paper we propose a framework for the analysis of the security in peer-to-peer Session Initiation Protocol based infrastructures. The proposed approach defines a game theoretical model for both an attacker as well as the defender and uses the Nash equilibrium to derive optimal attack and defensive strategies for both entities. We address the specific threats related to SPam over Internet Telephony, flooding and non-cooperative behavior and assess defensive mechanisms based on thresholds and redundant retransmissions. The paper summarizes the main results based on extensive Monte-Carlo simulations of this game.

References

[1]
Mohammad Salim Ahmed, Ehab Al-Shaer, and Latifur Khan. A novel approach quantitative approach for measuring network security. In Proceedings of IEEE Infocomm 2008. IEEE, 2008.
[2]
Mohammad Salim Ahmed, Ehab Al-Shaer, Mohamed Taibah, Muhammad Abedin, and Latifur Khan. Towards autonomic risk-aware security configuration. In Proceedings of IEEE Network Operation and Management Symposium NOMS 2008. IEEE, 2008.
[3]
Ivan Arce and Elias Levy. An analysis of the slapper worm. In proceedings of IEEE Security & Privacy, 2003.
[4]
S. Becker, R. State, and T. Engel. Defensive configuration with game theory. Accepted to IEEE/IFIP IM 2009, May 2008.
[5]
Stefano Bistarelli, Marco Dalli Aglio, and Pamela Paretti. "Strategic games on defense trees". In Proceedings of FAST 2007, pages 1--15. LNCS, 2007.
[6]
John R. Douceur and Judith S. Donath. The sybil attack. pages 251--260, 2002.
[7]
J. Rosenberg et al. Rfc3261, sip: Session initiation protocol. 2002.
[8]
Ali Fessi, Heiko Niedermayer, Holger Kinkelin, and Georg Carle. A cooperative sip infrastructure for highly reliable telecommunication services. In IPTComm '07: Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, pages 29--38, New York, NY, USA, 2007. ACM.
[9]
Jens Fiedler, Tomas Kupka, Sven Ehlert, Thomas Magedanz, and Dorgham Sisalem. Voip defender: highly scalable sip-based security architecture. In IPTComm '07: Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, pages 11--17, New York, NY, USA, 2007. ACM.
[10]
Amy Greenwald. Matrix games and nash equilibrium. 2007.
[11]
Kjetl Haslum and Andr Arnes. "Multisensor real-time risk assessment using continuous-time hidden markov models. In Proceedings of LNAI 2007, pages 694--703. LNCS, 2007.
[12]
Kjell Hausken. Risk Analysis, chapter Probabilistic Risk Analysis and Game Theory. Blackwell Publishing, 2002.
[13]
Douglas W. Hubbard. How to Measure Anything: Finding the Value of 'Intangibles' in Business. Wiley, 2007.
[14]
Mohamed Nassar, Saverio Niccolini, Radu State, and Thilo Ewald. Holistic voip intrusion detection and prevention system. In IPTComm '07: Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, pages 1--9, New York, NY, USA, 2007. ACM.
[15]
Yi Qian, James Joshi, David Tipper, and Prashant Krishnamurthy. Information Assurance. Morgan Kaufmann, 2007.
[16]
Yacine Rebahi, Muhammad Sher, and Thomas Magedanz. Detecting flooding attacks against ip multimedia subsystem (ims) networks. In IEEE/ACS International Conference on Computer Systems and Applications, pages 848--851, 2008.
[17]
Konrad Rieck, Stefan Wahl, Pavel Laskov, Peter Domschitz, and Klaus-Robert Müller. A self-learning system for detection of anomalous sip messages. pages 90--106, 2008.
[18]
Mehmet Sahinoglu. Security meter: A practical decision-tree model to quantify risk. IEEE Security & Privacy, 2005.
[19]
R. Schlegel, S. Niccolini, S. Tartarelli, and M. Brunner. SPam over Internet Telephony (SPIT) Prevention Framework. In IEEE Global Telecommunications Conference, pages 1--6, 2006.
[20]
Jan Seedorf. Security Challenges for Peer-to-Peer SIP. In IIEEE Network, pages 38--45, 2006.
[21]
Kundan Singh and Henning Schulzrinne. Peer to peer telephony using SIP. In Proceedings of the International Workshop on Network and Operating System Support for Digital Video and Audio 2005, pages 63--68. ACM, 2005.
[22]
Kundan Singh and Henning Schulzrinne. Using an external dht as a sip location service. 2006.
[23]
I. Stoica, R. Morris, D. Liben-Nowell, D. R. Karger, M. F. Kaashoek, F. Dabek, and H. Balakrishnan. Chord: a scalable peer-to-peer lookup protocol for Internet applications. In IEEE/ACM Transactions on Networking, pages 17--32, 2003.
[24]
Lingyu Wang, Steven Noel, and Sushil Jajodia. Minimum-cost network hardening using attack graphs. Comput. Commun., 29(18):3812--3824, 2006.
[25]
Lingyu Wang, Anoop Singhal, and Sushil Jajodia. Measuring the overall security of network configurations using attack graphs. Data and Applications Security XXI, pages 98--112, 2007.
[26]
Lingyu Wang, Anoop Singhal, and Sushil Jajodia. Toward measuring network security using attack graphs. In QoP '07: Proceedings of the 2007 ACM workshop on Quality of protection, pages 49--54, New York, NY, USA, 2007. ACM.

Cited By

View all
  • (2015)An Online Risk Management Strategy for VoIP Enterprise InfrastructuresJournal of Network and Systems Management10.1007/s10922-013-9282-423:1(137-162)Online publication date: 1-Jan-2015
  • (2012)Dynamic exposure control in P2PSIP networks2012 IEEE Network Operations and Management Symposium10.1109/NOMS.2012.6211907(261-268)Online publication date: Apr-2012
  • (2011)Applying game theory to analyze attacks and defenses in virtual coordinate systemsProceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems&Networks10.1109/DSN.2011.5958213(133-144)Online publication date: 27-Jun-2011
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
IPTComm '09: Proceedings of the 3rd International Conference on Principles, Systems and Applications of IP Telecommunications
July 2009
140 pages
ISBN:9781605587677
DOI:10.1145/1595637
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 July 2009

Permissions

Request permissions for this article.

Check for updates

Qualifiers

  • Research-article

Funding Sources

Conference

IPTComm '09
Sponsor:

Acceptance Rates

Overall Acceptance Rate 18 of 62 submissions, 29%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)2
  • Downloads (Last 6 weeks)0
Reflects downloads up to 20 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2015)An Online Risk Management Strategy for VoIP Enterprise InfrastructuresJournal of Network and Systems Management10.1007/s10922-013-9282-423:1(137-162)Online publication date: 1-Jan-2015
  • (2012)Dynamic exposure control in P2PSIP networks2012 IEEE Network Operations and Management Symposium10.1109/NOMS.2012.6211907(261-268)Online publication date: Apr-2012
  • (2011)Applying game theory to analyze attacks and defenses in virtual coordinate systemsProceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems&Networks10.1109/DSN.2011.5958213(133-144)Online publication date: 27-Jun-2011
  • (2010)Pr2-P2PSIPPrinciples, Systems and Applications of IP Telecommunications10.1145/1941530.1941549(134-145)Online publication date: 2-Aug-2010
  • (2010)Improving Fuzz Testing Using Game TheoryProceedings of the 2010 Fourth International Conference on Network and System Security10.1109/NSS.2010.81(263-268)Online publication date: 1-Sep-2010

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media