Title :
A whitelist approach to protect SIP servers from flooding attacks
Author :
Chen, Eric Y. ; Itoh, Mistutaka
Author_Institution :
NTT Inf. Sharing Platform Labs., NTT Corp., Musashino, Japan
Abstract :
As SIP-based VoIP services are expected to slowly replace the traditional PSTN services, SIP servers are becoming potential targets of various attacks, one of which is flooding. In this paper, we argue that whitelist, as a strategy to defend against flooding attacks, can be more effective on a SIP server than a Web server. Since most SIP clients tend to have persistent connections with their server, and a whitelist is relatively easy to maintain. The methodology we propose to build a whitelist is capable of keeping the most comprehensive and up-to-date information about the legitimate SIP clients without any integration with a SIP server. We also study the impact of various attacks on a SIP server, and evaluate the effectiveness of our approach under the most powerful attacks.
Keywords :
Internet telephony; client-server systems; computer network security; signalling protocols; PSTN services; SIP clients; SIP servers; SIP-based VoIP services; Web server; flooding attacks; persistent connections; whitelist; Authentication; Computer crime; Floods; IP networks; Registers; Web server; DoS attacks; SIP; VoIP security; flooding; whitelist;
Conference_Titel :
Communications Quality and Reliability (CQR), 2010 IEEE International Workshop Technical Committee on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4244-7795-1
DOI :
10.1109/CQR.2010.5619917
