Protecting SIP server from CPU-based DoS attacks using history-based IP filtering

Authors:
Chenfeng Vincent Zhou;Christopher Leckie;Kotagiri Ramamohanarao
Affiliations:
Department of Computer Science and Software Engineering, The University of Melbourne, Australia;Department of Computer Science and Software Engineering, The University of Melbourne, Australia;Department of Computer Science and Software Engineering, The University of Melbourne, Australia
Venue:
IEEE Communications Letters
Year:
2009

Citing 2
Cited 0

Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites

Proceedings of the 11th international conference on World Wide Web
SIP security issues: the SIP authentication procedure and its processing load

IEEE Network: The Magazine of Global Internetworking

Quantified Score

Hi-index	0.00

Visualization

Abstract

Voice over IP (VoIP) telephony is vulnerable to a range of attacks, since its operation relies on the underlying IP network. The centralized design of the major VoIP signalling protocols such as the Session Initiation Protocol (SIP) makes the registration server a target for CPU-based denial of service (DoS) attacks. In this paper, we propose a history-based IP filtering layer to defeat these DoS attacks by blocking the SIP packets from previously unseen sources. Our empirical evaluation shows that our approach achieves significant improvement in CPU utilization under DoS attacks.