Title :
A restrictive model (RM) for detection and prevention of INVITE flooding attack
Author :
Raza, Muhammad Ahmad ; Khan, Ajmal ; Raza, M.
Abstract :
The denial of service (DOS) attack is a known problem in computer networks. This paper reviews DOS attack at the Application layer using session initiation protocol (SIP). Most of the existing solutions are based on adaptive threshold, cumulative sum, and Hellinger distance (HD). The HD uses number of INVITE messages for prediction of the possible flooding attack. A limitation of these approaches is that they all need training phase before actually being tested in the real situation. The proposed method proposes a completely different solution where transport layer protocol based on UDP is used to block the stream of undesired packets. This approach is novel and found to be working in various situations. The algorithm is rigorously tested using the network simulator NS2.
Keywords :
computer network security; signalling protocols; transport protocols; DOS attack; HD; Hellinger distance; INVITE flooding attack; NS2 network simulator; RM; SIP; UDP protocol; adaptive threshold; application layer; cumulative sum; denial of service attack; restrictive model; session initiation protocol; transport layer protocol; Availability; Buffer storage; Computer crime; Floods; IP networks; Protocols; Servers; IP multimedia subsystem (IMS); Key Words: Session initiation protocol (SIP); denial of service (DOS) attack;
Conference_Titel :
Computer,Control & Communication (IC4), 2013 3rd International Conference on
Conference_Location :
Karachi
Print_ISBN :
978-1-4673-6011-1
DOI :
10.1109/IC4.2013.6653766
