Abstract—Voice over internet protocol (VoIP) communication services have been widely used in recent years. VoIP is a real-time communication service prone to attack; once attacked, it is more difficult to be addressed in real time as compared to off-line Email. The attacker may transmit large sum of online request messages to the SIP server to cause congestion or even breakdown of the machine to make it unable to provide services. The proposed defense mechanism will filter malformed messages inconsistent with SIP protocol and judge whether SIP server suffers any flooding attack. Once attack is detected, this study will immediately update the black-list on the SIP server and use the SIP server built-in function to block the online requests of specific users on the black-list.
Index Terms—Flooding attack, malformed messages, session initiation protocol (SIP), voice over internet protocol (VOIP).
The authors are with the Department of Computer Science and Information Engineering, Ming Chuan University, Taoyuan, Taiwan (e-mail: minysu@mail.mcu.edu.tw, hatsumi.17y@gmail.com).
[PDF]
Cite: Ming-Yang Su and Chung-Chun Chen, "Prevention of Anomalous SIP Messages," International Journal of Future Computer and Communication vol. 2, no. 5, pp. 446-450, 2013.