For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Detect and Prevent SIP Flooding Attacks in VoLTE by Utilizing a Two-Tier PFilter Design
Na RUAN Mingli WU Shiheng MA Haojin ZHU Weijia JIA Songyang WU
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2017/10/01
Online ISSN: 1745-1361
Type of Manuscript: Special Section PAPER (Special Section on Security, Privacy and Anonymity in Computation, Communication and Storage Systems)
Category: Operating system and network Security
SIP flooding attack, PFilter, count, filter,
Full Text: PDF(757KB)>>
As a new generation voice service, Voice over LTE (VoLTE) has attracted worldwide attentions in both the academia and industry. Different from the traditional voice call based on circuit-switched (CS), VoLTE evolves into the packet-switched (PS) field, which has long been open to the public. Though designed rigorously, similar to VoIP services, VoLTE also suffers from SIP (Session Initiation Protocal) flooding attacks. Due to the high performance requirement, the SIP flooding attacks in VoLTE is more difficult to defend than that in traditional VoIP service. In this paper, enlightened by Counting Bloom Filter (CBF), we design a versatile CBF-like structure, PFilter, to detect the flooding anomalies. Compared with previous relevant works, our scheme gains advantages in many aspects including detection of low-rate flooding attack and stealthy flooding attack. Moreover, not only can our scheme detect the attacks with high accuracy, but also find out the attackers to ensure normal operation of VoLTE by eliminating their negative effects. Extensive experiments are performed to well evaluate the performance of the proposed scheme.