A Mitigation Method for SIP Distributed Flooding Attack

This paper studies the theory of SIP distributed flooding attack and the character of SIP protocol itself.A mitigation method for SIP distributed flooding attack which based on security level is proposed.It classifies SIP message according to the SIP session history and SIP itself,attack is alarmed by the traffic monitoring.While attack is detected,mitigation method would set up the suitable security level;the messages that exceed the level would be dropped.The simulation results show that this mitigation method can detect and defend SIP distributed flooding attacks,and effectively reduce the probability of SIP proxy server or IMS server be attacked.