A whitelist approach to protect SIP servers from flooding attacks

2010 IEEE International Workshop Technical Committee on Communications Quality and Reliability, CQR 2010

Volumn , Issue , 2010, Pages

  Chen, Eric Y ^a   Itoh, Mistutaka ^a  

^a NTT CORPORATION   (Japan)

Author keywords

DoS attacks; Flooding; SIP; VoIP security; Whitelist

Indexed keywords

DOS ATTACKS; FLOODING; SIP; VOIP SECURITY; WHITELIST;

COMPUTER CRIME; INTERNET TELEPHONY; SERVERS; VOICE/DATA COMMUNICATION SYSTEMS;

INTERNET PROTOCOLS;

EID: 78650118295     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CQR.2010.5619917     Document Type: Conference Paper

References (21)

1. P. Park, Voice over IP Security, Cisco Press, 2008.
2. H. Dwivedi, Hacking VoIP: Protocols, Attacks, and Countermeasures, No Starch Press, 2008.
3. P. Thermos and A. Takanen, Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures, Addison-Wesley Professional, 2007.
4. D. Sisalem, J. Floroiu, J. Kuthan, U. Abend, and P.H. Schulzrinne, SIP Security, Wiley, 2009.
5. D. Geneiatakis, T. Dagiuklas, G. Kambourakis, C. Lambrinoudakis, S. Gritzalis, K. Ehlert, and D. Sisalem, "Survey of security vulnerabilities in session initiation protocol," Communications Surveys & Tutorials, IEEE, vol. 8, 2006, pp. 68-81.
6. Eun-Chul Cha, Hyoung-Kee Choi, and Sung-Jae Cho, "Evaluation of Security Protocols for the Session Initiation Protocol," Computer Communications and Networks, 2007. ICCCN 2007. Proceedings of 16th International Conference on, 2007, pp. 611-616.
7. E.Y. Chen and M. Itoh, "Scalable Detection of SIP Fuzzing Attacks," 2008 Second International Conference on Emerging Security Information, Systems and Technologies, Cap Esterel, France: 2008, pp. 114-119.
8. E. Chen, "Detecting DoS attacks on SIP systems," VoIP Management and Security, 2006. 1st IEEE Workshop on, 2006, pp. 53-58.
9. S. Ehlert, Chengjian Wang, T. Magedanz, and D. Sisalem, "Specification-Based Denial-of-Service Detection for SIP Voice-over-IP Networks," Internet Monitoring and Protection, 2008. ICIMP '08. The Third International Conference on, 2008, pp. 59-66.
10. D. Sisalem, J. Kuthan, and S. Ehlert, "Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms," Network, IEEE, vol. 20, 2006, pp. 26-31.
11. G. Zhang, S. Ehlert, T. Magedanz, and D. Sisalem, "Denial of service attack and prevention on SIP VoIP infrastructures using DNS flooding," Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, New York City, New York: ACM, 2007, pp. 57-66.
12. Xianglin Deng and M. Shore, "Advanced Flooding Attack on a SIP Server," Availability, Reliability and Security, 2009. ARES '09. International Conference on, 2009, pp. 647-651.
13. Ming Luo, Tao Peng, and C. Leckie, "CPU-based DoS attacks against SIP servers," Network Operations and Management Symposium, 2008. NOMS 2008. IEEE, 2008, pp. 41-48.
14. Tao Peng, C. Leckie, and K. Ramamohanarao, "Protection from distributed denial of service attacks using history-based IP filtering," Communications, 2003. ICC '03. IEEE International Conference on, 2003, pp. 482-486 vol.1.
15. C. Zhou, C. Leckie, and K. Ramamohanarao, "Protecting SIP server from CPU-based DoS attacks using history-based IP filtering," Communications Letters, IEEE, vol. 13, 2009, pp. 800-802.
16. H. Schulzrinne, A. Johnston, M. Handley, R. Sparks, J. Rosenberg, J. Peterson, E. Schooler, and G. Camarillo, "SIP: Session Initiation Protocol," Jun. 2002.
17. S. Donovan, A. Johnston, C. Cunningham, K. Summers, and R. Sparks, "Session Initiation Protocol (SIP) Basic Call Flow Examples," Dec. 2003.
18. A. Berger and M. Hefeeda, "Exploiting SIP for botnet communication," Secure Network Protocols, 2009. NPSec 2009. 5th IEEE Workshop on, 2009, pp. 31-36.
19. "PIKE module," http://www.iptel.org/ser/doc/modules/pike.
20. "SIPSAK Man Page," http://sipsak.org/man-page.html.
21. "SmartProbe from NTT-AT," http://www.itmedia.co.jp/enterprise/ 0210/02/n17.html.