MAC Based Routing Table Approach to Detect and Prevent DDoS Attacks and Flash Crowds in VoIP Networks

The Hype Cycles for Consumer Technologies announced that the level of "Slope of Enlightenment" was achieved by Voice over Internet Protocol (VoIP) in 2007. This stable growth rate expects that the level of "Plateau of productivity" will be achieved in the forthcoming years. While marching towards the exponential growth by balancing other promoting technologies, security becomes the pressing factor. VoIP should not compromise for security which may depreciate its growth rate. Since the rate of the users using VoIP services increases more than the expected, it is vulnerable to all types of attacks that Internet is now facing. The approach proposed includes a new framework, with which the Distributed Denial of Service (DDoS) attacks generated by a reflector attack using a spoofed IP address and impersonation in the VoIP networks can be detected and prevented. MAC based routing table, maintained by the server, can detect the DDoS attacks generated by a reflector attack. MD5 and RSA were used to generate the certificates for the legitimate users. This generated certificate and the routing table enable this approach to rightly detect DDoS attacks and to generate a block list of IP addresses. The next time, when there is a connection establishment request from the block listed IP address, the request will be denied. Hence, the network can be protected from being attacked in the initial phase itself. The experimental setup and the NS-2 simulation results support the method.

[1]  B. Goode,et al.  Voice over Internet protocol (VoIP) , 2002, Proc. IEEE.

[2]  Dorgham Sisalem,et al.  Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms , 2006, IEEE Network.

[3]  Nirwan Ansari,et al.  A Proactive Test Based Differentiation Technique to Mitigate Low Rate DoS Attacks , 2007, 2007 16th International Conference on Computer Communications and Networks.

[4]  Yan Bai,et al.  A survey of VoIP intrusions and intrusion detection systems , 2004, The 6th International Conference on Advanced Communication Technology, 2004..

[5]  A. Takanen,et al.  Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures , 2007 .

[6]  Ram Dantu,et al.  Detecting Spam in VoIP Networks , 2005, SRUTI.

[7]  Radu State,et al.  Intrusion detection mechanisms for VoIP applications , 2006, ArXiv.

[8]  Sushil Jajodia,et al.  VoIP Intrusion Detection Through Interacting Protocol State Machines , 2006, International Conference on Dependable Systems and Networks (DSN'06).

[9]  S. Ehlert,et al.  Specification-Based Denial-of-Service Detection for SIP Voice-over-IP Networks , 2008, 2008 The Third International Conference on Internet Monitoring and Protection.

[10]  Radu State,et al.  VoIP Malware: Attack Tool & Attack Scenarios , 2009, 2009 IEEE International Conference on Communications.

[11]  Radu State,et al.  Abusing SIP Authentication , 2008, 2008 The Fourth International Conference on Information Assurance and Security.

[12]  R. Dantu,et al.  Securing VoIP and PSTN from integrated signaling network vulnerabilities , 2006, 1st IEEE Workshop on VoIP Management and Security, 2006..

[13]  Yu Cheng,et al.  Detection of Resource-Drained Attacks on SIP-Based Wireless VoIP Networks , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[14]  E.Y. Chen,et al.  Detecting DoS attacks on SIP systems , 2006, 1st IEEE Workshop on VoIP Management and Security, 2006..

[15]  Chung-Hsin Liu,et al.  The study of Botnet attack on VoIP , 2010, The 6th International Conference on Networked Computing and Advanced Information Management.

[16]  Danilo Bruschi,et al.  Voice over IPsec: analysis and solutions , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[17]  Chung-Hsin Liu,et al.  The Simulation for the VoIP DDoS Attack , 2008, 2008 International Conference on MultiMedia and Information Technology.