By Topic

Detecting SIP flooding attacks on IP Multimedia Subsystem (IMS)

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Zhiqiang Chen ; Sch. of Software, Sun Yat-Sen Univ., Guangzhou, China ; Wushao Wen ; Da Yu

Multimedia Subsystem (IMS) is an IP-based network architecture. IMS uses IETF-defined protocols, such as SIP, TCP, and UDP etc. to realize next generation mobile service. These protocols have been facing many different kinds of security threats, which make IMS vulnerable. However, the security mechanism defined in IMS only includes limited features such as authentication and encryption. Since methods of attacks to IMS are various, these features are not sufficient. The Session Initiation Protocol (SIP) is used in IMS to establish and manage sessions. It is easy for a hacker to attack IMS with flooding SIP messages. However, IMS does not provide any functions to prevent such kind of attacks. In this paper, we focus on the Denial of Service (DoS) flooding attack using SIP messages in IMS, and provide a detecting approach using the non-parametric cumulative sum (CUSUM) algorithm that can effectively detect such kind of DoS attacks.

Published in:

Computing, Networking and Communications (ICNC), 2012 International Conference on

Date of Conference:

Jan. 30 2012-Feb. 2 2012