SIP Flooding Attacks Detection and Prevention Using Shannon, Renyi and Tsallis Entropy

Mahdizdeh Zargar, Reihaneh Haji; Yaghmaee Moghaddam, Mohammad Hossein
September 2014
International Journal of Hybrid Information Technology;Sep2014, Vol. 7 Issue 5, p257
Academic Journal
Voice over IP (VOIP) network, also known as Internet telephony, is growing increasingly having occupied a large part of the communications market. With the growth of each technology, the related security issues become of particular importance. Taking advantage of this technology in different environments with numerous features put at our disposal, there arises an increasing need to address the security threats. Being IP-based and playing a signaling role in VOIP networks, Session Initiation Protocol (SIP) lets the invaders use weaknesses of the protocol to disable VOIP service. One of the most important threats is denial of service attack, a branch of which in this article we have discussed as flooding attacks. These attacks make server resources wasted and deprive it from delivering service to authorized users. Distributed denial of service attacks and attacks with a low rate can mislead many attack detection mechanisms. In this paper, we introduce a mechanism which not only detects distributed denial of service attacks and low rate attacks, but can also identify the attackers accurately. We detect and prevent flooding attacks in SIP protocol using Shannon (FDP-S), Renyi (FDP-R) and Tsallis (FDP-T) entropy. We conducted an experiment to compare the percentage of detection and rate of false alarm messages using any of the Shannon, Renyi and Tsallis entropy as a measure of disorder. Implementation results show that, according to the parametric nature of the Renyi and Tsallis entropy, by changing the parameters, different detection percentages and false alarm rates will be gained with the possibility to adjust the sensitivity of the detection mechanism.


Related Articles

  • A Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack. Kumar, Abhishek; Tilagam, P. Santhi // International Journal of Computer Applications;Jul2011, Vol. 26, p31 

    Voice over Internet protocol (VoIP) is continuously evolving and changing the face of business telephony. The Session Initiation Protocol (SIP) is a widely used standard in VoIP communications to setup and tear down phone calls. Low rate Denial-of Service (DoS) attack recently emerged as the...

  • Analysis of Conflict DoS Attacks Process and Counter Measure on SIP Based VoIP Network. Islam, Md. Ruhul; Ghosh, Smarajit; Ahmed, Nausrat Jahan // International Journal of Advanced Research in Computer Science;May/Jun2012, Vol. 3 Issue 3, p433 

    Voice over Internet protocol (VoIP) is continuously developing and changing the face of business telephony. The Session Initiation Protocol (SIP) is a generally used standard in VoIP communications to setup and tear down phone calls. Amongst various online attacks hampering IT security, Denial...

  • Feature engineering for detection of Denial of Service attacks in session initiation protocol. Asgharian, Hassan; Akbari, Ahmad; Raahemi, Bijan // Security & Communication Networks;May2015, Vol. 8 Issue 8, p1587 

    The Session Initiation Protocol (SIP) is a text-based protocol, which defines the messaging between the SIP entities to establish, maintain, and terminate a multimedia session. Because of the text- and transaction-based nature of the SIP protocol, it encounters various types of malformed message...

  • Rqa based approach to detect and prevent ddos attacks in voip networks. Jeyanthi, N.; Thandeeswaran, R.; Vinithra, J. // Cybernetics & Information Technologies;Mar2014, Vol. 14 Issue 1, p11 

    Voice over Internet Protocol (VoIP) is a family of technologies for the transmission of voice over Internet. Voice is converted into digital signals and transmitted as data packets. The Session Initiation Protocol (SIP) is an IETF protocol for VoIP and other multimedia. SIP is an application...

  • Session Initiation Protocol Security: A Brief Review. Jaber, Aws Naser; Chen-Wei Tan; Manickam, Selvakumar; Khudher, Ali Abdulrazzaq // Journal of Computer Science;2012, Vol. 8 Issue 3, p348 

    Problem statement: This study aims to discuss several issues on session initiation protocol security and threats. An in-depth investigation related to SIP with the intention to categorize the wide variety of SIP security issues. Approach: Related papers to the infrastructure of SIP security were...

  • Blocking attacks on SIP VoIP proxies caused by external processing. Ge Zhang; Fischer-Hübner, Simone; Ehlert, Sven // Telecommunication Systems;Sep2010, Vol. 45 Issue 1, p61 

    As Voice over IP (VoIP) applications become increasingly popular, they are more and more facing security challenges that have not been present in the traditional Public Switched Telephone Network (PSTN). One of the reasons is that VoIP applications rely heavily on external Internet-based...

  • A comprehensive study of flooding attack consequences and countermeasures in Session Initiation Protocol (SIP). Hussain, Intesab; Djahel, Soufiene; Zonghua Zhang; Naït-Abdesselam, Farid // Security & Communication Networks;Dec2015, Vol. 8 Issue 18, p4436 

    Session Initiation Protocol (SIP) is widely used as a signaling protocol to support voice and video communication in addition to other multimedia applications. However, it is vulnerable to several types of attacks because of its open nature and lack of a clear defense line against the increasing...

  • Your must-have telecom budget for 2010. Johnson, Johna Till // Network World;11/16/2009, Vol. 26 Issue 33, p30 

    The article focuses on some telecommunication means that an information technology (IT) professionals must include in his budget in 2010. The author suggests on having support for mobile workers, branch-office hardware, software and support and a budget for emerging services particularly in...

  • Proposed Model for SIP Security Enhancement. Sayyad, Munir B.; Chatterjee, Abhik; Nalbalwar, S. L. // Communications & Network;Feb2010, Vol. 2 Issue 1, p69 

    This paper aims to examine the various methods of protecting and securing a SIP architecture and also propose a new model to enhance SIP security in certain selected, specific and confidential environments as this proposed method cannot be generalized. Several security measures and techniques...


Read the Article


Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics