Mitigation of Flooding Based Denial of Service Attack against Session Initiation Protocol Based VoIP System

The Session Initiation Protocol (SIP) is the most popular signaling protocol used in Voice over Internet Protocol (VoIP). The flooding based DoS attack can be performed by sending only hundreds of SIP messages per second to a SIP server. In this paper, we have proposed a new mitigation scheme for SIP based VoIP system which can protect it from flooding based DoS attack. This scheme is based on the INVITE and BYE messages of the SIP protocol. A prototype system for the flooding based DoS attack on SIP server and a mitigation mechanism has been designed and implemented. The performance of the proposed system has been evaluated and found to be better than other existing mechanisms.

[1]  Kotagiri Ramamohanarao,et al.  Protecting SIP server from CPU-based DoS attacks using history-based IP filtering , 2009, IEEE Communications Letters.

[2]  M.H. Shirali-Shahreza,et al.  A queue-based analysis for Denial of Service attacks on Voice over IP proxies , 2008, 2008 International Symposium on Telecommunications.

[3]  W. Werapun,et al.  Solution analysis for SIP security threats , 2009, 2009 International Conference on Multimedia Computing and Systems.

[4]  Saverio Niccolini,et al.  Protecting SIP against Very Large Flooding DoS Attacks , 2009, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference.

[5]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[6]  Zhang Li,et al.  A SIP DoS flooding attack defense mechanism based on priority class queue , 2010, 2010 IEEE International Conference on Wireless Communications, Networking and Information Security.

[7]  Sushil Jajodia,et al.  Detecting VoIP Floods Using the Hellinger Distance , 2008, IEEE Transactions on Parallel and Distributed Systems.