Denial of Service on SIP VoIP infrastructures using DNS flooding
Independent thesis Advanced level (degree of Master (One Year))Student thesis
A simple yet effective Denial of Service (DoS) attack on SIP servers is to flood the server with requests addressed at irresolvable domain names. In this paper we evaluate different possibilities to mitigate these effects and show that over-provisioning is not sufficient to handle such attacks. As a more effective approach we present a solution called the DNS Attack Detection and Prevention (DADP) scheme based on the usage of a non-blocking DNS cache. Based on various measurements conducted over the Internet we investigate the efficiency of the DADP scheme and compare its performance with different caching strategies applied.
Place, publisher, year, edition, pages
2007. , 29 p.
SIP, VoIP, Denial of Service
IdentifiersURN: urn:nbn:se:bth-2120Local ID: oai:bth.se:arkivex1E7D2286005BDA11C12572D600450880OAI: oai:DiVA.org:bth-2120DiVA: diva2:829386