Font Size: a A A

Study Based On The Entropy Of The Telephone Network Attack Detection Method

Posted on:2012-10-20Degree:MasterType:Thesis
Country:ChinaCandidate:H LiangFull Text:PDF
GTID:2208330335496302Subject:Communication and Information System
Abstract/Summary:
The increasing demand of service gives rise to the modern telephone network's evolution from traditional voice network to the NGN based on IP packet transmission.The shortcoming that original IP network lacks QoS warranty becomes increasingly critical in telephone network. Also it brings more and more potential vulnerabilities to telephone network which make the telephone service carried by IP network face to many potential security threats. It result to that using the flaw of telephone network security mechanisms to launch an attack against the telephone network services becomes a possibility. Harassing calls and malicious calls attacks are the most serious problems, which not only can be easily launched, hided, but also make obvious results ranging from decreasing the percent of call completed to completely blocking the Telephone Service. And now for the main direction of research in network attacks are still limited to the Internet, the telephone network attacks'detection theory is in a shortage. Aiming at telephone harassment and malicious attacks, this article researched into a kind of entropy-based method of attack detection and recognition, and the main works are as follows:1. Overview of the new security situation and status of the telephone network, attack types and effects, particularly the harassment and malicious telephone calls attacking principles and typical characteristics.2. Summed up five typical telephone network attack patterns. With different network sizes, calculated Shannon entropy sequences of flow characteristics of the telephone network, by which tested the effect of identifying multiple attack patterns. According to the common characteristics of attack patterns, chose the distribution of the calling numbers of all the call records in a fixed period of time to be the parameter, combined with a sliding window to calculate the Shannon entropy of sequences. After that removing the impact of the total number of call records, the results proved that in a small-scale telephone network the method can be used to identify or detect most of the attack modes, and in the larger network, the effect is poor.3. Reserched in the using of relative entropy in different sizes of network to detection and identification the five typical attack patterns. Chose the distribution of the numbers of every calling numbers'in a fixed period of time to be the characteristic parameters and used sliding window to calculate the relative entropy of the tested data stream and normal data flow. With distribution of the relative entropy sequence ,there were sufficient proofs to show that this method has a significant effect on detecting all the five patterns of attacks in the three typical size of telephone network.
Keywords/Search Tags:telephone network, attack detection, Harassing calls, malicious calls, Shannon entropy, relative entrop
Related items