Denial of Service on SIP VoIP infrastructures using DNS flooding

University essay from Blekinge Tekniska Högskola/Avdelningen för för interaktion och systemdesign

Author: Ge Zhang; [2007]

Keywords: SIP; VoIP; Denial of Service;

Abstract: A simple yet effective Denial of Service (DoS) attack on SIP servers is to flood the server with requests addressed at irresolvable domain names. In this paper we evaluate different possibilities to mitigate these effects and show that over-provisioning is not sufficient to handle such attacks. As a more effective approach we present a solution called the DNS Attack Detection and Prevention (DADP) scheme based on the usage of a non-blocking DNS cache. Based on various measurements conducted over the Internet we investigate the efficiency of the DADP scheme and compare its performance with different caching strategies applied.

  AT THIS PAGE YOU CAN DOWNLOAD THE WHOLE ESSAY. (follow the link to the next page)