Detect and Prevent SIP Flooding Attacks in VoLTE by Utilizing a Two-Tier PFilter Design

Abstract: SUMMARYAs a new generation voice service, Voice over LTE (VoLTE) has attracted worldwide attentions in both the academia and industry. Different from the traditional voice call based on circuit-switched (CS), VoLTE evolves into the packet-switched (PS) field, which has long been open to the public. Though designed rigorously, similar to VoIP services, VoLTE also suffers from SIP (Session Initiation Protocal) flooding attacks. Due to the high performance requirement, the SIP flooding attacks in VoLTE is more di… Show more

“…Next, we test the detection of registry flooding requests, Processor load, error detection ratio, and memory utilization. Major baseline approaches deployed in the testbed are PIKE [33], IDS-IVS [48], SSI [49], and DS-IDP [5] Following scenarios are considered during the registration process; i) In this case, a request generator (RG) produces traffic of 50 SIP REGISTER requests per second, the response time for authentications is observed; ii) Response time comparison with current IMS authentication procedure; iii) Term span during which traffic is tracked is split into 3 periods, the test scenarios for identification are considered from 20 seconds to a minute; iv) The time during which traffic is tracked is split into 4 periods, the measurement scenarios for the identification duration are known to be about 15 seconds over a minute.…”

“…Framework for intrusion detection and prevention i.e. DS-IDPS [5] is a dual server system. It provides defense against INVITE flooding attacks and spoofing.…”

“…A dual server-based architecture also achieves better attacks detection for INVITE flooding using the 2 main server and cooperative sever. It also applies three thresholds to generate alarms as per attack detection [3][4][5]. An intrusion detection system (IDS) is mandatory to secure services and signaling as well.…”

Intrusion Detection and Prevention System for Secure Multimedia sharing in Future Internet

“…Next, we test the detection of registry flooding requests, Processor load, error detection ratio, and memory utilization. Major baseline approaches deployed in the testbed are PIKE [33], IDS-IVS [48], SSI [49], and DS-IDP [5] Following scenarios are considered during the registration process; i) In this case, a request generator (RG) produces traffic of 50 SIP REGISTER requests per second, the response time for authentications is observed; ii) Response time comparison with current IMS authentication procedure; iii) Term span during which traffic is tracked is split into 3 periods, the test scenarios for identification are considered from 20 seconds to a minute; iv) The time during which traffic is tracked is split into 4 periods, the measurement scenarios for the identification duration are known to be about 15 seconds over a minute.…”

“…Framework for intrusion detection and prevention i.e. DS-IDPS [5] is a dual server system. It provides defense against INVITE flooding attacks and spoofing.…”

“…A dual server-based architecture also achieves better attacks detection for INVITE flooding using the 2 main server and cooperative sever. It also applies three thresholds to generate alarms as per attack detection [3][4][5]. An intrusion detection system (IDS) is mandatory to secure services and signaling as well.…”

Intrusion Detection and Prevention System for Secure Multimedia sharing in Future Internet