Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
SIP security issues: the SIP authentication procedure and its processing load
IEEE Network: The Magazine of Global Internetworking
Hi-index | 0.00 |
Voice over IP (VoIP) telephony is vulnerable to a range of attacks, since its operation relies on the underlying IP network. The centralized design of the major VoIP signalling protocols such as the Session Initiation Protocol (SIP) makes the registration server a target for CPU-based denial of service (DoS) attacks. In this paper, we propose a history-based IP filtering layer to defeat these DoS attacks by blocking the SIP packets from previously unseen sources. Our empirical evaluation shows that our approach achieves significant improvement in CPU utilization under DoS attacks.