THE REVIEW OF FOREIGN SEGMENT PUBLICATIONS ON VOIP NETWORK SECURITY: GENERATION OF DOS ATTACKS AND THEIR DETECTION
Abstract and keywords
Abstract (English):
The paper is devoted to the problem of protecting VoIP systems from DoS/DDoS attacks, as one of the most relevant for the field of digital telecommunications. A review of a significant number of publications by foreign scientists devoted to methods of creating this type of attack, as well as countering them, was carried out. A systematization of the review results is proposed in the form of a comparative table according to the following 10 criteria: year of publication, stage of the life cycle of the attack, its type, protection method, degree of implementation, its resource intensity, practical applicability, effectiveness of the method, application of machine learning. Fundamental conclusions were drawn for each of the criteria, a brief description of the research was given, as well as ways to continue it.

Keywords:
VoIP, benchmarking, denial of service, DoS, attack, security
Text
Publication text (PDF): Read Download
References

1. Ehlert S., Geneiatakis D., Magedanz T. Survey of network security systems to counter SIP-based denial-of-service attacks // Computers & Security. 2010. Vol. 29. Iss. 2. P. 225–243. DOI:https://doi.org/10.1016/j.cose.2009.09.004.

2. Liu Z., Yin X., Lee H. An Efficient Defense Scheme against SIP DoS Attack in SDN Using Cloud SFW // Ninth Asia Joint Conference on Information Security. Wuhan, China, 2014. P. 52–55. DOI:https://doi.org/10.1109/AsiaJCIS.2014.12.

3. Ferdous R., Cigno R.L., Zorat A. On the Use of SVMs to Detect Anomalies in a Stream of SIP Messages // 11th International Conference on Machine Learning and Applications. Boca Raton, FL, USA, 2012. P. 592–597. DOI:https://doi.org/10.1109/ICMLA.2012.109.

4. Safoine R., Mounir S., Farchi A. Comparative study on DOS attacks Detection Techniques in SIP-based VOIP networks // 6th International Conference on Multimedia Computing and Systems (ICMCS). Rabat, Morocco, 2018. P. 1–5. DOI:https://doi.org/10.1109/ICMCS.2018.8525878.

5. Xiao-Yu Wan, Zhang Li, Zi-Fu Fan. A SIP DoS flooding attack defense mechanism based on priority class queue // IEEE International Conference on Wireless Communications, Networking and Information Security. Beijing, China, 2010. P. 428–431. DOI:https://doi.org/10.1109/WCINS.2010.5541813.

6. Fan Z., Wan X. The design and realization of SIP DOS attack detection plugin based on balanced message number principle // IEEE International Conference on Communications Technology and Applications. Beijing, China, 2009. P. 780–784. DOI:https://doi.org/10.1109/ICCOMTA.2009.5349092.

7. Pourmohseni S., Asgharian H., Akbari A. Detecting authentication misuse attacks against SIP entities // 10th International ISC Conference on Information Security and Cryptology (ISCISC). Yazd, Iran, 2013. P. 1–5. DOI:https://doi.org/10.1109/ISCISC.2013.6767324.

8. Zhou C.V., Leckie C., Ramamohanarao K. Protecting SIP server from CPU-based DoS attacks using history-based IP filtering // IEEE Communications Letters. 2009. Vol. 13. № 10. P. 800–802. DOI:https://doi.org/10.1109/LCOMM.2009.090840.

9. Zhe C., Rong D. The Formal Analyse of DoS Attack to SIP Based on the SIP Extended Finite State Machines // International Conference on Computational Intelligence and Software Engineering. Wuhan, China, 2010. P. 1–4. DOI:https://doi.org/10.1109/CISE.2010.5676902.

10. Akbar A., Basha S.M., Sattar S.A. Leveraging the SIP load balancer to detect and mitigate DDos attacks // International Conference on Green Computing and Internet of Things (ICGCIoT). Greater Noida, India, 2015. P. 1204–1208. DOI:https://doi.org/10.1109/ICGCIoT.2015.7380646.

11. Chen Z., Wen W., Yu D. Detecting SIP flooding attacks on IP Multimedia Subsystem (IMS) // International Conference on Computing, Networking and Communications (ICNC. Maui, HI, USA, 2012. P. 154–158. DOI:https://doi.org/10.1109/ICCNC.2012.6167401.

12. Fan Z.F., Yang J.R., Wan X.Y. A SIP DoS Flooding Attack Defense Mechanism Based on Custom Weighted Fair Queue Scheduling // International Conference on Multimedia Technology. Ningbo, China, 2010. P. 1–4. DOI:https://doi.org/10.1109/ICMULT.2010.5630386.

13. Chen E.Y., Itoh M. A whitelist approach to protect SIP servers from flooding attacks // IEEE International Workshop Technical Committee on Communications Quality and Reliability (CQR 2010). Vancouver, BC, Canada, 2010. P. 1–6. DOI:https://doi.org/10.1109/CQR.2010.5619917.

14. Tas I.M., Unsalver B.G. Baktir S. A Novel SIP Based Distributed Reflection Denial-of-Service Attack and an Effective Defense Mechanism // IEEE Access. 2020. Vol. 8. P. 112574–112584. DOI:https://doi.org/10.1109/ACCESS.2020.3001688.

15. Deng X., Shore M. Advanced Flooding Attack on a SIP Server // International Conference on Availability, Reliability and Security. Fukuoka, Japan, 2009. P. 647–651. DOI:https://doi.org/10.1109/ARES.2009.15.

16. Armoogum S., Mohamudally N. Survey of practical security frameworks for defending SIP based VoIP systems against DoS/DDoS attacks // IST-Africa Conference Proceedings, Pointe aux Piments. Mauritius, 2014. P. 1–11. DOI:https://doi.org/10.1109/ISTAFRICA.2014.6880664.

17. Bansal A., Pais A.R. Mitigation of Flooding Based Denial of Service Attack against Session Initiation Protocol Based VoIP System // IEEE International Conference on Computational Intelligence & Communication Technology. Ghaziabad, India, 2015. P. 391–396. DOI:https://doi.org/10.1109/CICT.2015.66.

18. Chen E.Y. Detecting DoS attacks on SIP systems // 1st IEEE Workshop on VoIP Management and Security. Vancouver, BC, Canada, 2006. P. 53–58. DOI:https://doi.org/10.1109/VOIPMS.2006.1638123.

19. Moh'd A., Tawalbeh L., Sowe A. A novel method to guarantee QoS during DoS attacks for IPTV using SIP // Second International Conference on the Applications of Digital Information and Web Technologies. London, UK, 2009. P. 838–842. DOI:https://doi.org/10.1109/ICADIWT.2009.5273867.

20. Kurt B., Yıldız Ç., Ceritli T.Y., Sankur B., Cemgil A.T. A Bayesian change point model for detecting SIP-based DDoS attacks // Digital Signal Processing. 2018. Vol. 77. P. 48–62. DOI:https://doi.org/10.1016/j.dsp.2017.10.009.

21. Liu L. Uncovering SIP Vulnerabilities to DoS Attacks Using Coloured Petri Nets // 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications. Changsha, China, 2011. P. 29–36. DOI:https://doi.org/10.1109/TrustCom.2011.8.

22. Stanek J., Kencl L. SIP Protector: Defense architecture mitigating DDoS flood attacks against SIP servers // IEEE International Conference on Communications (ICC). Ottawa, ON, Canada, 2012. P. 6733–6738. DOI:https://doi.org/10.1109/ICC.2012.6364674.

23. Hosseinpour M., Hosseini Seno S.A., Yaghmaee Moghaddam M.H., Khosravi Roshkhari H. An anomaly based VoIP DoS attack detection and prevention method using fuzzy logic // 8th International Symposium on Telecommunications (IST). Tehran, Iran, 2016. P. 713–718. DOI:https://doi.org/10.1109/ISTEL.2016.7881916.

24. Febro A., Xiao H., Spring J. Distributed SIP DDoS Defense with P4 // IEEE Wireless Communications and Networking Conference (WCNC). Marrakesh, Morocco, 2019. P. 1–8. DOI:https://doi.org/10.1109/WCNC.2019.8885926.

25. Zhang G., Fischer-Hübner S. Counteract DNS Attacks on SIP Proxies Using Bloom Filters // International Conference on Availability, Reliability and Security. Regensburg, Germany, 2013. P. 678–684. DOI:https://doi.org/10.1109/ARES.2013.89.

26. Cadet F., Fokum D.T. Coping with denial-of-service attacks on the IP telephony system // SoutheastCon 2016. Norfolk, VA, USA, 2016. P. 1–7. DOI:https://doi.org/10.1109/SECON.2016.7506691.

27. Tang J., Cheng Y. Quick Detection of Stealthy SIP Flooding Attacks in VoIP Networks // IEEE International Conference on Communications (ICC). Kyoto, Japan, 2011. P. 1–5. DOI:https://doi.org/10.1109/icc.2011.5963248.

28. Tang J., Hao Y., Cheng Y., Zhou C. Detection of Resource-Drained Attacks on SIP-Based Wireless VoIP Networks // IEEE Global Telecommunications Conference GLOBECOM 2010. Miami, FL, USA, 2010. P. 1–5. DOI:https://doi.org/10.1109/GLOCOM.2010.5684028.

29. Tang J., Cheng Y., Zhou C. Sketch-Based SIP Flooding Detection Using Hellinger Distance // GLOBECOM 2009 – 2009 IEEE Global Telecommunications Conference. Honolulu, HI, USA, 2009. P. 1–6. DOI:https://doi.org/10.1109/GLOCOM.2009.5426267.

30. Raza M.A., Khan A.-u.-R., Raza M. A restrictive model (RM) for detection and prevention of INVITE flooding attack // 3rd IEEE International Conference on Computer, Control and Communication (IC4), Karachi, Pakistan, 2013. P. 1–6. DOI:https://doi.org/10.1109/IC4.2013.6653766.

31. Makarova A.K., Polyanicheva A.V., Samatova K.A. Analiz uyazvimostej oborudovaniya peredachi golosovogo trafika // Aktual'nye problemy infotelekommunikacij v nauke i obrazovanii (APINO 2022): XI Mezhdunar. nauch.-tekhn. i nauch.-metod. konf. SPb.: S.-Peterb. gos. un-t telekommunikacij im. prof. M.A. Bonch-Bruevicha, 2022. T. 1. S. 665–669. EDN JRKJAR.

32. Izrailov K.E., Makarova A.K., SHestakov A.V. Obobshchennaya model' zashchity ot kiberatak na VOIP // Voprosy kiberbezopasnosti. 2023. № 2 (54). S. 109–121. DOI:https://doi.org/10.21681/2311-3456-2023-2-109-121.

33. Izrailov K.E. Model' prognozirovaniya ugroz telekommunikacionnoj sistemy na baze iskusstvennoj nejronnoj seti // Vestnik INZHEKONa. Ser.: Tekhnicheskie nauki. 2012. № 8 (59). S. 150–153. EDN PJGOAF.

34. Osnovnye principy proektirovaniya arhitektury sovremennyh sistem zashchity / M.V. Bujnevich [i dr.] // Nacional'naya bezopasnost' i strategicheskoe planirovanie. 2020. № 3 (31). S. 51–58. DOI:https://doi.org/10.37468/2307-1400-2020-3-51-58.

Login or Create
* Forgot password?