A Selective Defense for Mitigating Coordinated Call Attacks

Telephony Denial of Service (TDoS) attack is a form of Denial of Service (DoS) attack that targets telephone services, such as Voice over IP (VoIP), not allowing legitimate users to make calls. This paper proposes a new selective defense for mitigating a type of TDoS called Coordinated Call Attack where attackers simply call to each other exhausting the target VoIP server’s resources and denying service to legitimate users. Our defense builds on the defense SeVen for mitigating Application Layer DDoS attacks. We implemented and integrated SeVen in usual VoIP systems using the SIP protocol and carried out a number of experiments: without SeVen, less than 15% of users can access the target VoIP service, whereas with SeVen, around 90% of users can access the same service.

[1]  Chi Zhou,et al.  Sketch-Based SIP Flooding Detection Using Hellinger Distance , 2009, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference.

[2]  José Meseguer,et al.  Model-Checking DoS Amplification for VoIP Session Initiation , 2009, ESORICS.

[3]  Vivek Nigam,et al.  Formal Specification and Verification of a Selective Defense for TDoS Attacks , 2016, WRLA.

[4]  D. Runia,et al.  Title of the Work , 2019, Philo of Alexandria: On the Life of Abraham.

[5]  Lukas Kencl,et al.  SIPp-DD: SIP DDoS Flood-Attack Simulation Tool , 2011, 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN).

[6]  Zhang Li,et al.  A SIP DoS flooding attack defense mechanism based on priority class queue , 2010, 2010 IEEE International Conference on Wireless Communications, Networking and Information Security.

[7]  Adam Lipowski,et al.  Roulette-wheel selection via stochastic acceptance , 2011, ArXiv.

[8]  Saman Taghavi Zargar,et al.  A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks , 2013, IEEE Communications Surveys & Tutorials.

[9]  Vivek Nigam,et al.  A Selective Defense for Application Layer DDoS Attacks , 2014, 2014 IEEE Joint Intelligence and Security Informatics Conference.

[10]  Chang-Yong Lee,et al.  Design and implementation of SIP-aware DDoS attack detection system , 2009, ICIS '09.

[11]  Yu Cheng,et al.  SIP Flooding Attack Detection with a Multi-Dimensional Sketch Design , 2014, IEEE Transactions on Dependable and Secure Computing.

[12]  Yu Cheng,et al.  Detection and prevention of SIP flooding attacks in voice over IP networks , 2012, 2012 Proceedings IEEE INFOCOM.

[13]  Xiao-Yu Wan,et al.  A SIP DoS Flooding Attack Defense Mechanism Based on Custom Weighted Fair Queue Scheduling , 2010, 2010 International Conference on Multimedia Technology.

[14]  Avishai Mandelbaum,et al.  Statistical Analysis of a Telephone Call , 2002 .

[15]  Mahesh Viswanathan,et al.  On Statistical Model Checking of Stochastic Systems , 2005, CAV.

[16]  S. Ehlert,et al.  Specification-Based Denial-of-Service Detection for SIP Voice-over-IP Networks , 2008, 2008 The Third International Conference on Internet Monitoring and Protection.