Mechanism for Preventing Registration Flooding Attack in SIP

Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 243)


The transition of voice communication from public switched telephone networks (PSTN) to IP network has offered numerous advantages, at the same time, myriad of security threats. Common among these threats is DoS attacks which was not possible in PSTN with closed architecture. This paper examines the denial-of-service (DoS) attacks on session initiation protocol (SIP) server using SIP particularly with REGISTER messages, focusing on the design of a framework to protect SIP server from such attacks. The proposed scheme introduces an intermediate server between SIP server and the User Agents, which is used to filter out attacks.


Public switched telephone networks Session initiation protocol 


  1. 1.
    Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley,M., Schooler, E.: SIP: Session Initiation Protocol, RFC 3261 (June 2002)Google Scholar
  2. 2.
    SANS Institute. SANS Top-20 2007 Security Risks, 2007.
  3. 3.
    Seo, D., Lee, H., Nuwere, E.: Detecting more SIP attacks on VoIP services by combining rule matching and state transition models. In: Proceedings of the IFIP TC 11 23rd International Information Security Conference, vol. 278, pp. 397–411. (2008)Google Scholar
  4. 4.
    Chen, E.Y., Itoh, M.: A whitelist approach to protect SIP servers from flooding attacks. In: Communications Quality and Reliability (CQR), 2010 IEEE International Workshop Technical Committee, 8–10 June 2010Google Scholar
  5. 5.
    Peng, T., Leckie, C., Ramamohanarao, K.: Protection from distributed denial of service attacks using history-based IP filtering. Communications, 2003. ICC ‘03. IEEE International Conference, vol. 1, pp. 482–486. (2003)Google Scholar
  6. 6.
    Ormazabal, G., Nagpal, S., Yardeni, E., Schulzrinne, H., Secure SIP: a scalable prevention mechanism for DoS attacks on SIP based VoIP systems. In: Proceedings of 2nd International Conference on Principles, Systems and Applications of IP Telecommunications (IPTComm), pp. 107–132, July 2008Google Scholar
  7. 7.
    Deng, X., Shore, M.: Advanced flooding attack on a SIP server. Availability, Reliability and Security, 2009. ARES ‘09. International Conference, pp. 647–651, (2009)Google Scholar
  8. 8.
    OpenSIPS (OpenSIPS is the new name for the OpenSER project.):
  9. 9.
    Sipp, sipp.sourceforge.netGoogle Scholar

Copyright information

© Springer India 2014

Authors and Affiliations

  1. 1.Department of Computer EngineeringDIAT (DU)PuneIndia
  2. 2.CAIRDRDOBangaloreIndia

Personalised recommendations