Analysis, Testing and Mitigation of SIP_based DDoS attacks on VoIP networks.

Analysis, Testing and Mitigation of SIP_based DDoS attacks on VoIP networks.

Abstract

SIP is a lightweight application layer protocol designed to manage and establish multimedia sessions, such as those required in video conferencing, Voice over IP telephony, messaging, and data sharing. SIP servers are vulnerable to denial of service (flooding) attacks, and are typically located inside the corporate LAN behind a firewall with SIP flooding protection. In this project, we demonstrate how such firewalls can be defeated and a SIP flooding attack achieved, and then describe a firewall mechanism to counter this form of attack. A further improvement involving enhancements to the SIP server is also described and test results detailed. This work has involved use of the innovative JAIN SLEE environment to develop an enhanced SIP Server, and the advantages of this environment are discussed.