• DocumentCode
    2027759
  • Title

    Detecting DoS attacks on SIP systems

  • Author

    Chen, Eric Y.

  • Author_Institution
    NTT Inf. Sharing Platform Lab., NTT Corp., Tokyo, Japan
  • fYear
    2006
  • fDate
    38810
  • Firstpage
    53
  • Lastpage
    58
  • Abstract
    As VoIP technology becomes more widely deployed due to its economical advantage over traditional PSTN services, VoIP servers and clients will become attractive targets of denial of service (DoS) attacks. This paper proposes a method to detect DoS attacks that involve flooding SIP entities with illegitimate SIP messages. We modify the original finite-state machines for SIP transactions in such a way that transaction anomalies can be detected in a stateful manner. We also propose to use four threshold parameters to confirm an attack.
  • Keywords
    Internet telephony; client-server systems; protocols; quality of service; telecommunication security; DoS; SIP; VoIP technology; client-server system; denial of service attack; session initiation protocol; transaction anomaly; Bandwidth; Computer crashes; Computer crime; Floods; Laboratories; Microprogramming; Network servers; Reflection; Web and internet services; Web server;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    VoIP Management and Security, 2006. 1st IEEE Workshop on
  • Print_ISBN
    1-4244-0144-5
  • Type

    conf

  • DOI
    10.1109/VOIPMS.2006.1638123
  • Filename
    1638123
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2027759