[Back]

M. Hirschbichler, J. Fabini, B. Seifert, C. Egger:
"Stop the Flood - Perimeter Security- and Overload-Pre-evaluation";
Talk: The 12th Internation Conference on Next Generation Wired/Wireless Advanced Networking, St. Petersburg; 2012-08-27 - 2012-08-29; in: "Internet of Things, Smart Spaces and Next Generation networking", Springer, LNCS 7469 (2012), ISBN: 978-3-642-32685-1; 359 - 370.

With the upcoming introduction of the Session Initiation Protocol to carrier grade telecommunication infrastructures, the threat of attacks is increasing massively. Multiple types of unsolicited communication, like high and low rate Denial-of-Service attacks as well as Spam over Internet Telephony driven by Botnets will be an upcoming risk for all telecommunication operators.

In this document, we introduce an enhanced Session Border Controller which is able to detect high-rate DoS attacks and which will mark all forwarded requests with a value indicating the "quality" of the request. This value, which we denote as "dropability", reflects the effort the system has already invested for this request. This dropability-value depends amongst other presented factors on the spam-probability and the economic- or QoS-effect of this request.

This introduced value supports overloaded core-components to decide with minimum processing effort, which requests to drop first and which requests have severe effects on the customers perception or the economic income of the carrier.

SIP; DoS; Spam; Carrier Grade Networks: Overload Control

http://publik.tuwien.ac.at/files/PubDat_209556.pdf