[VOIPSEC] Fw: Evaluating DoS Attacks Against SIP-Based VoIP Systems (INVITE of Death)
zubair rafique
m_zubair_rafique at yahoo.com
Sat Aug 15 05:52:54 CDT 2009
Evaluating DoS Attacks Against SIP-Based VoIP Systems (INVITE of Death)
Paper accepted at IEEE-GLOBECOM 2009
http://www.nexginrc.org/~zubair.rafique/papers/globecomm-zubair.pdf
The multimedia communication is rapidly converging towards Voice over Internet – commonly known as Voice over Internet Protocol (VoIP). Session Initiation Protocol (SIP) is the standard used for session signaling in VoIP. Crafty attackers can launch a number of Denial of Service (DoS) attacks on a SIP based VoIP infrastructure that can severely compromise its reliability. In contrast, little work is done to analyze the robustness and reliability of SIP servers under DoS attacks. In this paper, we show that the robustness and reliability of generic SIP servers is inadequate than commonly perceived. We have done our study using a customized analysis tool that has the ability to synthesize and launch different types of attacks. We have integrated the tool in a real SIP test bed environment to measure the performance of SIP servers. Our measurements show that a standard SIP server can be easily overloaded by sending simple call requests. We define the performance metrics to measure the effects of flooding attacks on real time services - VoIP in SIP environment – and show the results on different SIP server implementations. Our results also provide insight into resources’ usage by SIP servers under flooding attacks. Moreover, we show how a well known open source SIP server can be crashed through ‘INVITE of Death’ - a malformed SIP packet maliciously crafted by our tool.
Regards
M Zubair Rafique
nexGIN RC
http://www.nexginrc.org/~zubair.rafique/