SIP Flooding Attack Detection
- 639 Downloads
In this chapter and the following chapter, we address the SIP layer attack detection. In this chapter we focus on the well-known flooding attack and develop an online scheme to detect and subsequently prevent the attack, by integrating a novel three-dimensional sketch design with the Hellinger distance detection technique.
KeywordsExponential Weighted Moving Average Proxy Server Attack Detection User Datagram Protocol Normal Traffic
- 1.F. Gustafson and M. Lindahl, “Evaluation of statistical distributions for VoIP traffic modelling,” University Essay from University West, Department of Economics and IT, 2009.Google Scholar
- 2.J. Kurose and K. Ross, Computer Networking: A Top-Down Approach (4th ed.), Addison Wiley, 2007.Google Scholar
- 3.S. Muthukrishnan, “Data Streams: Algorithms and Applications,” in Proc. the Fourteenth Annual ACM-SIAM Symposium on Discrete Algorithms, 2003.Google Scholar
- 5.J. Rosenberg, H. Schulzrinne and G. Camarillo, “SIP: Session Initiation Protocol,” IETF RFC 3261, Jun. 2002.Google Scholar
- 7.SIPp, [Online.] Available: http://sipp.sourceforge.net/.
- 8.M. Thorup and Y. Zhang, “Tabulation Based 4-Universal Hashing with Applications to Second Moment Estimation,” in Proc. the Fifteenth Annual ACM-SIAM Symposium on Discrete Algorithms, 2004.Google Scholar
- 9.G. Yang and L. Le Cam, Asymptotics in Statistics: Some Basic Concepts, second edition, Wiley, Mar. 2006.Google Scholar