Title :
Protecting SIP against Very Large Flooding DoS Attacks
Author :
Huici, Felipe ; Niccolini, Saverio ; D´Heureuse, Nico
Abstract :
The use of the Internet for VoIP communications has seen an important increase over the last few years, with the Session Initiation Protocol (SIP) as the most popular protocol used for signaling. Unfortunately, SIP devices are quite vulnerable to Denial-of-Service (DoS) attacks, many of them becoming unresponsive and even resetting with floods of only hundreds of packets per second. In this paper we introduce SIP Defender, a new distributed filtering architecture designed to protect SIP devices against large, flooding DoS attacks. In addition, we describe the implementation of the architecture´s SIP Controllers, the network devices in charge of performing the actual filtering. We further present testbed performance figures for these, showing that a controller built on commodity hardware can forward an impressive 2.5 million packets per second for small SIP packets while applying one million filters as well as anti-spoofing mechanisms.
Keywords :
Internet telephony; computer network security; signalling protocols; Internet; VoIP communication; anti-spoofing mechanism; commodity hardware; denial-of-service attacks; distributed filtering architecture; session initiation protocol controllers; session initiation protocol defender; signalling protocol; Computer crime; Europe; Filtering; Filters; Floods; Hardware; Internet telephony; National electric code; Protection; Protocols;
Conference_Titel :
Global Telecommunications Conference, 2009. GLOBECOM 2009. IEEE
Conference_Location :
Honolulu, HI
Print_ISBN :
978-1-4244-4148-8
DOI :
10.1109/GLOCOM.2009.5425524
