IEEE Transactions on Knowledge and Data Engineering
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)
Operating Systems Concepts
Denial of service attack and prevention on SIP VoIP infrastructures using DNS flooding
Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Survey of security vulnerabilities in session initiation protocol
IEEE Communications Surveys & Tutorials
IEEE Network: The Magazine of Global Internetworking
Evaluating DOS attacks against SIP-based VoIP systems
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
SIPAD: SIP-VoIP Anomaly Detection using a Stateful Rule Tree
Computer Communications
Hi-index | 0.24 |
The emergence of Voice over IP (VoIP) has offered numerous advantages for end users and providers alike, but simultaneously has introduced security threats, vulnerabilities and attacks not previously encountered in networks with a closed architecture like the Public Switch Telephone Network (PSTN). In this paper we propose a two layer architecture to prevent Denial of Service attacks on VoIP systems based on the Session Initiation Protocol (SIP). The architecture is designed to handle different types of attacks, including request flooding, malformed message sending, and attacks on the underlying DNS system. The effectiveness of the prevention mechanisms have been tested both in the laboratory and on a real live VoIP provider network.