Sciweavers

GLOBECOM
2009
IEEE

Protecting SIP against Very Large Flooding DoS Attacks

14 years 3 months ago
Protecting SIP against Very Large Flooding DoS Attacks
—The use of the Internet for VoIP communications has seen an important increase over the last few years, with the Session Initiation Protocol (SIP) as the most popular protocol used for signaling. Unfortunately, SIP devices are quite vulnerable to Denial-of-Service (DoS) attacks, many of them becoming unresponsive and even resetting with floods of only hundreds of packets per second. In this paper we introduce SIP Defender, a new distributed filtering architecture designed to protect SIP devices against large, flooding DoS attacks. In addition, we describe the implementation of the architecture’s SIP Controllers, the network devices in charge of performing the actual filtering. We further present testbed performance figures for these, showing that a controller built on commodity hardware can forward an impressive 2.5 million packets per second for small SIP packets while applying one million filters as well as anti-spoofing mechanisms.
Felipe Huici, Saverio Niccolini, Nico d'Heureuse
Added 04 Sep 2010
Updated 04 Sep 2010
Type Conference
Year 2009
Where GLOBECOM
Authors Felipe Huici, Saverio Niccolini, Nico d'Heureuse
Comments (0)