Detection of SIP Flooding Attacks based on the Upper Bound of the Possible Number of SIP Messages

被引：8

作者：

Ryu, Jea-Tek ^{[1
]}

Roh, Byeong-Hee ^{[1
]}

Ryu, Ki-Yeol ^{[1
]}

机构：

[1] Ajou Univ, Grad Sch Informat & Commun, Suwon 443749, South Korea

来源：

KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS | 2009年 / 3卷 / 05期

关键词：

SIP flooding; flooding detection; SIP flooding attack; SIP security; SIP threat;

D O I：

10.3837/tiis.2009.05.006

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Since SIP uses a text-based message format and is open to the public Internet, it provides a number of potential opportunities for Denial of Service (DoS) attacks in a similar manner to most Internet applications. In this paper, we propose an effective detection method for SIP flooding attacks in order to deal with the problems of conventional schemes. We derive the upper bound of the possible number of SIP messages, considering not only the network congestion status but also the different properties of individual SIP messages such as INVITE, BYE and CANCEL. The proposed method can be easily extended to detect flooding attacks by other SIP messages.

引用

页码：507 / 526

页数：20

共 50 条

[21] Detect SIP Flooding Attacks in VoLTE by Utilizing and Compressing Counting Bloom Filter
Wu, Mingli
Ruan, Na
Ma, Shiheng
Zhu, Haojin
Jia, Weijia
Xue, Qingshui
Wu, Songyang
WIRELESS ALGORITHMS, SYSTEMS, AND APPLICATIONS, WASA 2017, 2017, 10251 : 124 - 135
[22] Intrusion detection system for signal based SIP attacks through timed HCPN
Ding, Yanlan
Su, Guiping
ARES 2007: SECOND INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, PROCEEDINGS, 2007, : 190 - +
[23] Stateful Virtual Proxy for SIP Message Flooding Attack Detection
Yun, Ha-Na
Hong, Sung-Chan
Lee, Hyung-Woo
KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2009, 3 (03): : 251 - 265
[24] Securing SIP-based VoIP infrastructure against flooding attacks and Spam Over IP Telephony
Akbar, Muhammad Ali
Farooq, Muddassar
KNOWLEDGE AND INFORMATION SYSTEMS, 2014, 38 (02) : 491 - 510
[25] Securing SIP-based VoIP infrastructure against flooding attacks and Spam Over IP Telephony
Muhammad Ali Akbar
Muddassar Farooq
Knowledge and Information Systems, 2014, 38 : 491 - 510
[26] SIP Intrusion Detection and Response Architecture for Protecting SIP-based Services
Ko, KyoungHee
Kim, Hwan-Kuk
Kim, JeongWook
Lee, Chang-Yong
Jeong, HyunCheol
PROCEEDINGS OF THE 8TH WSEAS INTERNATIONAL CONFERENCE ON APPLIED COMPUTER SCIENCE (ACS'08): RECENT ADVANCES ON APPLIED COMPUTER SCIENCE, 2008, : 405 - +
[27] Automatic Detection of SIP-aware Attacks on VoLTE Device
Zhang, Shen
Zhou, Lu
Wu, MingLi
Tang, Zhushou
Ruan, Na
Zhu, Haojin
2016 IEEE 84TH VEHICULAR TECHNOLOGY CONFERENCE (VTC FALL), 2016,
[28] A Flow-based Traffic Model for SIP Messages in IMS
Xiao, Jie
Huang, Changcheng
Yan, James
GLOBECOM 2009 - 2009 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, VOLS 1-8, 2009, : 2665 - 2671
[29] SIP Flooding Attack Detection with a Multi-Dimensional Sketch Design
Tang, Jin
Cheng, Yu
Hao, Yong
Song, Wei
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2014, 11 (06) : 582 - 595
[30] Detection of Resource-Drained Attacks on SIP-Based Wireless VoIP Networks
Tang, Jin
Hao, Yong
Cheng, Yu
Zhou, Chi
2010 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE GLOBECOM 2010, 2010,

← 1 2 3 4 5 →