Protecting SIP against Very Large Flooding DoS Attacks

13 years 7 months ago

Download www.cs.ucl.ac.uk

—The use of the Internet for VoIP communications has seen an important increase over the last few years, with the Session Initiation Protocol (SIP) as the most popular protocol used for signaling. Unfortunately, SIP devices are quite vulnerable to Denial-of-Service (DoS) attacks, many of them becoming unresponsive and even resetting with ﬂoods of only hundreds of packets per second. In this paper we introduce SIP Defender, a new distributed ﬁltering architecture designed to protect SIP devices against large, ﬂooding DoS attacks. In addition, we describe the implementation of the architecture’s SIP Controllers, the network devices in charge of performing the actual ﬁltering. We further present testbed performance ﬁgures for these, showing that a controller built on commodity hardware can forward an impressive 2.5 million packets per second for small SIP packets while applying one million ﬁlters as well as anti-spooﬁng mechanisms.

Felipe Huici, Saverio Niccolini, Nico d'Heureuse

Real-time Traffic

Architecture’s Sip Controllers | Communications | GLOBECOM 2009 | SIP Devices | Small Sip Packets |

claim paper

Post Info
More Details (n/a)

Added	04 Sep 2010
Updated	04 Sep 2010
Type	Conference
Year	2009
Where	GLOBECOM
Authors	Felipe Huici, Saverio Niccolini, Nico d'Heureuse

Comments (0)

Sciweavers

Protecting SIP against Very Large Flooding DoS Attacks

Architecture’s Sip Controllers | Communications | GLOBECOM 2009 | SIP Devices | Small Sip Packets |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers