Survey of practical security frameworks for defending SIP based VoIP systems against DoS/DDoS attacks

Since its existence for the past ten years, the SIP-based Voice Over IP (VoIP) network is playing a key role in the current and future communication by utilising the existing broadband Internet access. Unfortunately, Denial of Service and Distributed Denial of Service (DoS/DDoS) attacks can inflict harmful threats to various nodes (SIP proxy servers, User agents, etc) and may cause failure to the SIP system. This is one reason why over 40 proposals, addressing these problems, have been published. Regrettably, not many of these researchers have considered scalability, extensibility and other performance issues by testing their promising prevention techniques in a real network. We find that there are around eight practical frameworks and the aim of this paper is to revisit these countermeasures solutions. We propose a new way of evaluation criteria and a comparative study of the researchers´ ideas are being addressed based on the models (if any) used, the network architectures and the results. We however do not judge any of these proposals; instead we give hints on how the attacks on VoIP networks could be further addressed.