Two layer Denial of Service prevention on SIP VoIP infrastructures

Authors:
Sven Ehlert;Ge Zhang;Dimitris Geneiatakis;Georgios Kambourakis;Tasos Dagiuklas;Jiří Markl;Dorgham Sisalem
Affiliations:
Fraunhofer Institute FOKUS, Next Generation Network Infrastructures, Kaiserin-Augusta-Allee 31, Berlin 10589, Germany;Fraunhofer Institute FOKUS, Next Generation Network Infrastructures, Kaiserin-Augusta-Allee 31, Berlin 10589, Germany;University of the Aegean, Greece;University of the Aegean, Greece;TEI of Mesolonghi, Greece;Nextsoft, Prague, Czech Republic;Tekelec, Berlin, Germany
Venue:
Computer Communications
Year:
2008

Citing 8
Cited 2

Caching on the World Wide Web

IEEE Transactions on Knowledge and Data Engineering
SCIDIVE: A Stateful and Cross Protocol Intrusion Detection Architecture for Voice-over-IP Environments

DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)

Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)
Operating Systems Concepts

Operating Systems Concepts
Denial of service attack and prevention on SIP VoIP infrastructures using DNS flooding

Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Survey of security vulnerabilities in session initiation protocol

IEEE Communications Surveys & Tutorials
Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms

IEEE Network: The Magazine of Global Internetworking

Evaluating DOS attacks against SIP-based VoIP systems

GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
SIPAD: SIP-VoIP Anomaly Detection using a Stateful Rule Tree

Computer Communications

Quantified Score

Hi-index	0.24

Visualization

Abstract

The emergence of Voice over IP (VoIP) has offered numerous advantages for end users and providers alike, but simultaneously has introduced security threats, vulnerabilities and attacks not previously encountered in networks with a closed architecture like the Public Switch Telephone Network (PSTN). In this paper we propose a two layer architecture to prevent Denial of Service attacks on VoIP systems based on the Session Initiation Protocol (SIP). The architecture is designed to handle different types of attacks, including request flooding, malformed message sending, and attacks on the underlying DNS system. The effectiveness of the prevention mechanisms have been tested both in the laboratory and on a real live VoIP provider network.