Advanced Flooding Attack on a SIP Server

Abstract

Voice over IP is gaining more popularity in today's communications. The Session Initiation Protocol (SIP) is the most popular VoIP signalling protocol is vulnerable to many kinds of attacks. Among all these attack, flood-based denial of service attacks have been identified as the biggest threat to SIP. Even though a great deal of research has been conducted into mitigating denial of service attacks, only a small proportion have been specific to SIP. This paper examines how denial of service attacks affect the performance of a SIP-based system, and proposes an Improved Security-Enhanced SIP System (ISESS) to mitigate such attacks. Experimental results are provided to demonstrate the effectiveness of ISESS. The experimental results show that with ISESS, during a flood-based denial of service attack, the performance of the system can be improved substantially.