Lead Inventor:
Henning Schulzrinne, Ph.D.
Hackers use Denial-of-Service Attacks Against VoIP and SIP Phones :
Denial-of-service (DoS) is an attempt by attackers to prevent legitimate users from using a service. As telephony services move to IP-based networks, Voice over IP (VoIP) infrastructure and end devices such as SIP phones become attractive DoS targets. These attacks can disrupt emergency dialing services over VoIP (E911). Solutions for preventing DoS attacks must be evaluated for functionality conformance, and performance at carrier class rates. Without these solutions, a significant risk is borne by the organization that depends on the revenue stream from IP-based VoIP services.
Denial-of-Service Attack Detection and Mitigation Technology:
The technology is a software/hardware test-bed that can be used to generate SIP traffic at carrier class rates. The generated traffic is used to test the DoS mitigation filters deployed at the network perimeter for SIP. In particular, two filters are tested, namely, digest authentication based rate-limiting, and SIP method based rate-limiting.
Applications:
• Evaluation of firewalls, intrusion detection systems in the context of IP multimedia subsystem (IMS)
• DoS mitigation testing for carrier class SIP-based VoIP systems
Advantages:
• A unified test framework to generate carrier class traffic rates
• Ability to tailor the traffic to test a certain DoS attack
• Prevent DoS attacks on the signaling channel
Patent Status: Copyright
Licensing Status: Available for Licensing and Sponsored Research Support