RESEARCH ON DETECTING SIP MESSAGE FLOODING ATTACKS

被引:0
作者
Sun, Qibo [1 ]
Qian, Shuang [1 ]
机构
[1] Beijing Univ Posts & Telecommun, State Key Lab Network & Switching Technol, Beijing 100876, Peoples R China
来源
CIICT 2008: PROCEEDINGS OF CHINA-IRELAND INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATIONS TECHNOLOGIES 2008 | 2008年
关键词
SIP; flooding attack; detection rules; CUSUM (cumulative sum) algorithm; DOS (denial of service);
D O I
暂无
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
As the Session Initial Protocol (SIP) gains more and more acceptances in the VoIP market, DOS (Denial of Service) attacks that involve flooding SIP entities with invalid SIP messages, such as INVITE and REGISTER will become one of the most severe security threats against SIP systems. In this paper, we propose a scheme to protect the SIP systems from such flooding attack. Firstly, we analyse the principle of flooding attacks using SIP INVITE messages and extract the detection rules on a statistic base. Then we suggest a method to detect such flooding attack using the recursive Non-Parametric cumulative sum (CUSUM) algorithm. Finally, we give the result of simulation experiments.
引用
收藏
页码:278 / +
页数:4
相关论文
共 50 条
  • [1] A SIP delayed based mechanism for detecting VOIP flooding attacks
    Dassouki, Khaled
    Safa, Haidar
    Hijazi, Abbas
    El-Hajj, Wassim
    2016 INTERNATIONAL WIRELESS COMMUNICATIONS AND MOBILE COMPUTING CONFERENCE (IWCMC), 2016, : 588 - 593
  • [2] Stateful Virtual Proxy for SIP Message Flooding Attack Detection
    Yun, Ha-Na
    Hong, Sung-Chan
    Lee, Hyung-Woo
    KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2009, 3 (03): : 251 - 265
  • [3] Detecting Authentication Misuse Attacks Against SIP Entities
    Pourmohseni, Sajad
    Asgharian, Hassan
    Akbari, Ahmad
    2013 10TH INTERNATIONAL ISC CONFERENCE ON INFORMATION SECURITY AND CRYPTOLOGY (ISCISC), 2013,
  • [4] Security of SIP-Based Infrastructure against Malicious Message Attacks
    Shrestha, Ajay Kumar
    8TH INTERNATIONAL CONFERENCE ON SOFTWARE, KNOWLEDGE, INFORMATION MANAGEMENT AND APPLICATIONS (SKIMA 2014), 2014,
  • [5] Modeling SIP Normal Traffic to Detect and Prevent SIP-VoIP Flooding Attacks Using Fuzzy Logic
    Hosseinpour, Mahsa
    Moghaddam, Mohammad Hossein Yaghmaee
    Seno, Seyed Amin Hosseini
    Roshkhari, Hossein Khosravi
    2016 6TH INTERNATIONAL CONFERENCE ON COMPUTER AND KNOWLEDGE ENGINEERING (ICCKE), 2016, : 274 - 279
  • [6] A novel design of a VoIP firewall proxy to mitigate SIP-based flooding attacks
    Department of Computer Science and Software Engineering, University of Canterbury, Christchurch, New Zealand
    Int. J. Internet Protoc. Technol., 2008, 2 (128-135): : 128 - 135
  • [7] A Bayesian change point model for detecting SIP-based DDoS attacks
    Kurt, Baris
    Yildiz, Cagatay
    Ceritli, Taha Yusuf
    Sankur, Bulent
    Cemgil, Ali Taylan
    DIGITAL SIGNAL PROCESSING, 2018, 77 : 48 - 62
  • [8] A whitelist-based countermeasure scheme using a Bloom filter against SIP flooding attacks
    Roh, Byeong-hee
    Kim, Ju Wan
    Ryu, Ki-Yeol
    Ryu, Jea-Tek
    COMPUTERS & SECURITY, 2013, 37 : 46 - 61
  • [9] Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints
    Dassouki, Khaled
    Safa, Haidar
    Nassar, Mohamed
    Hijazi, Abbas
    COMPUTERS & SECURITY, 2017, 70 : 618 - 633
  • [10] Securing SIP-based VoIP infrastructure against flooding attacks and Spam Over IP Telephony
    Akbar, Muhammad Ali
    Farooq, Muddassar
    KNOWLEDGE AND INFORMATION SYSTEMS, 2014, 38 (02) : 491 - 510
12345