Skip to main content
SpringerLink
Log in

Stop the Flood – Perimeter Security- and Overload- Pre-evaluation in Carrier Grade VoIP Infrastructures

  • Conference paper
Internet of Things, Smart Spaces, and Next Generation Networking (ruSMART 2012, NEW2AN 2012)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 7469))

  • 5302 Accesses

Abstract

With the upcoming introduction of the Session Initiation Protocol to carrier grade telecommunication infrastructures, the threat of attacks is increasing massively. Multiple types of unsolicited communication, like high and low rate Denial-of-Service attacks as well as Spam over Internet Telephony driven by Botnets will be an upcoming risk for all telecommunication operators.

In this document, we introduce an enhanced Session Border Controller which is able to detect high-rate DoS attacks and which will mark all forwarded requests with a value indicating the “quality” of the request. This value, which we denote as “dropability“, reflects the effort the system has already invested for this request. This dropability-value depends amongst other presented factors on the spam-probability and the economic- or QoS-effect of this request.

This introduced value supports overloaded core-components to decide with minimum processing effort, which requests to drop first and which requests have severe effects on the customers perception or the economic income of the carrier.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ETSI. NGN Congestion and Overload Control; Part 4: Overload and Congestion Control for H.248 MG/MGC. ES 283 039-4, Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN) (April 2007)

    Google Scholar 

  2. Gurbani, V., Hilt, V., Schulzrinne, H.: Session Initiation Protocol (SIP) Overload Control. Internet-Draft draft-ietf-soc-overload-control-07, Internet Engineering Task Force (January 2012) (work in progress)

    Google Scholar 

  3. Hautakorpi, J., Camarillo, G., Penfield, R., Hawrylyshen, A., Bhatia, M.: Requirements from Session Initiation Protocol (SIP) Session Border Control (SBC) Deployments. RFC 5853, Internet Engineering Task Force (April 2010)

    Google Scholar 

  4. Hilt, V., Noel, E., Shen, C., Abdelal, A.: Design Considerations for Session Initiation Protocol (SIP) Overload Control. RFC 6357, Internet Engineering Task Force (August 2011)

    Google Scholar 

  5. Hirschbichler, M., Egger, C., Pasteka, O., Berger, A.: Using E-Mail SPAM DNS Blacklists for Qualifying the SPAM-over-Internet-Telephony Probability of a SIP Call. In: Third International Conference on Digital Society, ICDS 2009, pp. 254–259 (February 2009)

    Google Scholar 

  6. Noel, E., Johnson, C.R.: Novel overload controls for SIP networks. In: 21st International Teletraffic Congress, ITC 21 2009, pp. 1–8 (September 2009)

    Google Scholar 

  7. Noel, E., PhilipWilliams, P.: Session Initiation Protocol (SIP) Rate Control. Internet-Draft draft-noel-soc-overload-rate-control-02, Internet Engineering Task Force (December 2011) (work in progress)

    Google Scholar 

  8. Ormazabal, G., Nagpal, S., Yardeni, E., Schulzrinne, H.: Secure SIP: A Scalable Prevention Mechanism for DoS Attacks on SIP Based VoIP Systems. In: Schulzrinne, H., State, R., Niccolini, S. (eds.) IPTComm 2008. LNCS, vol. 5310, pp. 107–132. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  9. Quinten, V.M., van de Meent, R., Pras, A.: Analysis of Techniques for Protection Against Spam over Internet Telephony. In: Pras, A., van Sinderen, M. (eds.) EUNICE 2007. LNCS, vol. 4606, pp. 70–77. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  10. Rosenberg, J.: Requirements for Management of Overload in the Session Initiation Protocol. RFC 5390, Internet Engineering Task Force (December 2008)

    Google Scholar 

  11. Rosenberg, J., Jennings, C.: The Session Initiation Protocol (SIP) and Spam. RFC 5039, Internet Engineering Task Force (January 2008)

    Google Scholar 

  12. Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: SIP: Session Initiation Protocol. RFC 3261, Internet Engineering Task Force (June 2002)

    Google Scholar 

  13. Schulzrinne, H., Polk, J.: Communications Resource Priority for the Session Initiation Protocol (SIP). RFC 4412, Internet Engineering Task Force (February 2006)

    Google Scholar 

  14. Sengar, H., Wang, H., Wijesekera, D., Jajodia, S.: Detecting VOIP floods using the hellinger distance. IEEE Transactions on Parallel and Distributed Systems 19(6), 794–805 (2008)

    Article  Google Scholar 

  15. Tang, J., Cheng, Y.: Quick detection of stealthy SIP flooding attacks in VOIP networks. In: 2011 IEEE International Conference on Communications (ICC), pp. 1–5 (June 2011)

    Google Scholar 

  16. Wing, D., Niccolini, S., Stiemerling, M., Tschofenig, H.: Spam Score for SIP. Internet-Draft draft-wing-sipping-spam-score-02, Internet Engineering Task Force (February 2008) (work in progress)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Telecommunications, TU Wien, Favoritenstr. 9-11/E389, A 1040, Wien, Austria

    Michael Hirschbichler, Joachim Fabini, Bernhard Seifert & Christoph Egger

Authors
  1. Michael Hirschbichler
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Joachim Fabini
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bernhard Seifert
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Christoph Egger
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Communications Engineering, Tampere University of Technology (TUT), Korkeakoulunkatu 1, 33720, Tampere, Finland

    Sergey Andreev

  2. FRUCT Oy, Kissankellontie 20B, 00930, Helsinki, Finland

    Sergey Balandin

  3. Department of Communications Engineering, Tampere University of Technology, Korkeakoulunkatu 1, 33720, Tampere, Finland

    Yevgeni Koucheryavy

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hirschbichler, M., Fabini, J., Seifert, B., Egger, C. (2012). Stop the Flood – Perimeter Security- and Overload- Pre-evaluation in Carrier Grade VoIP Infrastructures. In: Andreev, S., Balandin, S., Koucheryavy, Y. (eds) Internet of Things, Smart Spaces, and Next Generation Networking. ruSMART NEW2AN 2012 2012. Lecture Notes in Computer Science, vol 7469. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32686-8_33

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-32686-8_33

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32685-1

  • Online ISBN: 978-3-642-32686-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation