Skip to Main Content
Multimedia Subsystem (IMS) is an IP-based network architecture. IMS uses IETF-defined protocols, such as SIP, TCP, and UDP etc. to realize next generation mobile service. These protocols have been facing many different kinds of security threats, which make IMS vulnerable. However, the security mechanism defined in IMS only includes limited features such as authentication and encryption. Since methods of attacks to IMS are various, these features are not sufficient. The Session Initiation Protocol (SIP) is used in IMS to establish and manage sessions. It is easy for a hacker to attack IMS with flooding SIP messages. However, IMS does not provide any functions to prevent such kind of attacks. In this paper, we focus on the Denial of Service (DoS) flooding attack using SIP messages in IMS, and provide a detecting approach using the non-parametric cumulative sum (CUSUM) algorithm that can effectively detect such kind of DoS attacks.