Advanced Flooding Attack on a SIP Server

Author

Deng, Xianglin ; Shore, Malcolm

Author_Institution

Comput. Sci. & Software Eng., Univ. of Canterbury, Christchurch

fYear

2009

fDate

16-19 March 2009

Firstpage

647

Lastpage

651

Abstract

Voice over IP is gaining more popularity in today´s communications. The Session Initiation Protocol (SIP) is the most popular VoIP signalling protocol is vulnerable to many kinds of attacks. Among all these attack, flood-based denial of service attacks have been identified as the biggest threat to SIP. Even though a great deal of research has been conducted into mitigating denial of service attacks, only a small proportion have been specific to SIP. This paper examines how denial of service attacks affect the performance of a SIP-based system, and proposes an Improved Security-Enhanced SIP System (ISESS) to mitigate such attacks. Experimental results are provided to demonstrate the effectiveness of ISESS. The experimental results show that with ISESS, during a flood-based denial of service attack, the performance of the system can be improved substantially.

Keywords

Internet telephony; security of data; signalling protocols; telecommunication security; SIP server; advanced flooding attack; flood-based denial of service attacks; improved security-enhanced SIP system; session initiation protocol; voice over IP; Authentication; Computer crime; Computer science; Floods; IP networks; Internet telephony; Protocols; Registers; Security; Software engineering; DoS attack; SIP; Security; Software Tools;

fLanguage

English

Publisher

ieee

Conference_Titel

Availability, Reliability and Security, 2009. ARES '09. International Conference on

Conference_Location

Fukuoka

Print_ISBN

978-1-4244-3572-2

Electronic_ISBN

978-0-7695-3564-7

Type

conf

DOI

10.1109/ARES.2009.15

Filename

5066541