Effectiveness of SIP Server Under SIP Flooding Attack During VoIP Calls
- 23 Downloads
Voice over Internet Protocol (VoIP) service is increasingly one of the most widespread applications since few decades. Data traffic of VoIP service faces various challenges and threats. The Session Initiation Protocol (SIP) flooding attack is one of the popular threats to this service. Flooding attack is the most severe attack as it is easy to generate and capture the networks and nodes that further lead to Denial of Service attack. Therefore, the performance analysis of SIP servers requires more focus. In this paper, effectiveness of SIP server under SIP flooding attack is evaluated using various message scenarios by setting up an experimental test bed. The stress testing of SIP server is carried out with CPU and memory utilization check. The quality of VoIP calls is measured in term of three quality metrics jitter, delay and packet loss. It is observed that with the increase of simultaneous calls, quality of VoIP calls degraded.
KeywordsVoIP SIP flooding attack SIP server DoS Jitter Delay Packet loss
- 1.Andon Batchvarov. (2004). Security issues and solutions for voice over IP compared to circuit switched networks (pp. 1–14). Institute of Communication Networks and Computer Engineering. University of Stuttgart.Google Scholar
- 2.Alo, U. R., & Firday, N. H. (2013). Voice over internet protocol (VOIP): overview, direction and challenges. IISTE, 3(4), 18–28.Google Scholar
- 3.Deng, Xianglin. (2008). Security of VoIP analysis, testing and mitigation of SIP-based DDoS attacks on VoIP networks. New Zealand: Department of Computer Science, University of Canterbury.Google Scholar
- 4.Rosenberg, J., & Schulzrinne, H. (2002). Session initiation protocol (SIP): Locating SIP servers. RFC 3263.Google Scholar
- 5.Intesab, H., Soufiene, D., Zonghua, Z., & Farid Naït-Abdesselam. (2015). A comprehensive study of flooding attack consequences and counter measures in Session Initiation Protocol (SIP) (pp. 4436–4451). Security and Communication Networks, Wiley.Google Scholar
- 6.Ehlert, S., Zhang, G., Geneiatakis, D., Kambourakis, G., Dagiuklas, T., Markl, J., et al. (2008). Two layer Denial of Service prevention on SIP VoIP infrastructures (pp. 2443–2456) Elsevier Computer Communications.Google Scholar
- 7.Sisalem, D., Kuthan, J., Ehlertand, T. S., & Fokus, F. (2006). Denial of attacks targeting a SIP VoIP infrastructure: Attack scenarios and prevention mechanisms. IEEE Network, 26–31.Google Scholar
- 8.Tang, J., Cheng, Y., & Hao, Y. (2012). Detection and prevention of sip flooding attacks in voice over IP networks. IEEE INFCOM, 1161–1169.Google Scholar
- 9.Bansal, A., Kulkarni, P., & Pais, A. R. (2013). Effectiveness of SIP messages on SIP server. In Proceedings of IEEE international conference on information and communication technologies (pp. 251–256).Google Scholar
- 10.Voznakand, M., & Safarik, J. (2012). DoS attacks targeting sip server and improvements of robustness. International Journal of Mathematics and Computers In Simulation., 6(1), 1–8.Google Scholar
- 11.SIPp - test tool for the SIP protocol. Online Available: http://sipp.sourceforge.net/ (2009).
- 12.Asterisk Communication Framework. Online Available: http://www.asterisk.org.