Title :
SIP Protector: Defense architecture mitigating DDoS flood attacks against SIP servers
Author :
Stanek, Jan ; Kencl, L.
Author_Institution :
R&D Center for Mobile Applic. (RDC), Czech Tech. Univ. in Prague, Prague, Czech Republic
Abstract :
As Voice-over-IP becomes a commonly used technology, the need to keep it secure and reliable has grown. Session Initiation Protocol (SIP) is most often used to deploy VoIP and therefore SIP servers, the base components of SIP, are the most obvious targets of potential attacks. It has been demonstrated, that SIP servers are highly prone to DDoS flood attacks, yet no generally accepted defense solution mitigating these attacks is available. We propose a novel defense architecture against SIP DDoS floods, based upon a redirection mechanism and a combination of source and destination traffic filtering, exploiting the combined advantage of all the three techniques. We show that the proposed solution effectively mitigates various types of SIP DDoS flood attacks, discuss its strengths and weaknesses and propose its potential usability for other protocols. We also provide results of performance evaluation of the defense solution deployed in a SIP testbed.
Keywords :
Internet telephony; computer network security; network servers; signalling protocols; SIP DDoS flood attack mitigation; SIP protector; SIP servers; SIP testbed; VoIP; defense architecture; redirection mechanism; session initiation protocol; source-destination traffic filtering; voice-over-IP; Computer architecture; Computer crime; Generators; IP networks; Protocols; Registers; Servers;
Conference_Titel :
Communications (ICC), 2012 IEEE International Conference on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4577-2052-9
Electronic_ISBN :
1550-3607
DOI :
10.1109/ICC.2012.6364674
