• DocumentCode
    2824923
  • Title

    A whitelist approach to protect SIP servers from flooding attacks

  • Author

    Chen, Eric Y. ; Itoh, Mistutaka

  • Author_Institution
    NTT Inf. Sharing Platform Labs., NTT Corp., Musashino, Japan
  • fYear
    2010
  • fDate
    8-10 June 2010
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    As SIP-based VoIP services are expected to slowly replace the traditional PSTN services, SIP servers are becoming potential targets of various attacks, one of which is flooding. In this paper, we argue that whitelist, as a strategy to defend against flooding attacks, can be more effective on a SIP server than a Web server. Since most SIP clients tend to have persistent connections with their server, and a whitelist is relatively easy to maintain. The methodology we propose to build a whitelist is capable of keeping the most comprehensive and up-to-date information about the legitimate SIP clients without any integration with a SIP server. We also study the impact of various attacks on a SIP server, and evaluate the effectiveness of our approach under the most powerful attacks.
  • Keywords
    Internet telephony; client-server systems; computer network security; signalling protocols; PSTN services; SIP clients; SIP servers; SIP-based VoIP services; Web server; flooding attacks; persistent connections; whitelist; Authentication; Computer crime; Floods; IP networks; Registers; Web server; DoS attacks; SIP; VoIP security; flooding; whitelist;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications Quality and Reliability (CQR), 2010 IEEE International Workshop Technical Committee on
  • Conference_Location
    Vancouver, BC
  • Print_ISBN
    978-1-4244-7795-1
  • Type

    conf

  • DOI
    10.1109/CQR.2010.5619917
  • Filename
    5619917
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2824923