Coping with denial-of-service attacks on the IP telephony system
| Autor: | Frantz Cadet, Daniel T. Fokum |
|---|---|
| Rok vydání: | 2016 |
| Předmět: |
Scheme (programming language)
Engineering Voice over IP SIMPLE (military communications protocol) business.industry ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS 020206 networking & telecommunications Denial-of-service attack 02 engineering and technology Computer security computer.software_genre Software deployment Server 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing The Internet Telephony business computer Computer network computer.programming_language |
| Zdroj: | SoutheastCon 2016. |
| Popis: | IP Telephony or simply Voice over IP (VoIP) is technology that enables real time voice communications over packet switched networks using TCP/IP. This technology is booming and its deployment is very complex. VoIP is often deployed in an open environment; therefore, it is subject to the same threats, e.g., denial-of-service attacks (DoS), frequently seen on the Internet. Given this, our first objective is to analyze and evaluate the countermeasures used to cope with DoS attacks against VoIP. We assess DoS detection and prevention schemes and simulate a SIP-based flooding attack against a widely used SIP server. An emulated test-bed environment was set up and the results of our experiment provided motivation for proposing a new mitigation scheme. This scheme consists of implementing Snort in inline mode as an Intrusion Protection System (IPS). Snort is used in conjunction with Iptables to provide security protection to the SIP server. Experimental evaluations of this scheme were conducted. The results then assisted us in assessing the proposed defense scheme, which is simple, lightweight, and can be easily deployed. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|