摘要
对会话初始化协议(SIP)分布式洪泛攻击的原理进行研究,结合SIP协议自身的特点提出一种基于安全级别设定的攻击减弱方法.该方法将SIP消息按照历史记录、协议自身进行安全级别分类,利用流量监控对SIP流量监控.当发生分布式洪泛攻击时,通过设定合适的安全级别减弱攻击造成的影响.仿真实验结果表明基于安全级别的方法能够识别和防御SIP分布式洪泛攻击,有效地减弱SIP代理服务器/IMS服务器被攻击的可能性.
This paper studies the theory of SIP distributed flooding attack and the character of SIP protocol itself.A mitigation method for SIP distributed flooding attack which based on security level is proposed.It classifies SIP message according to the SIP session history and SIP itself,attack is alarmed by the traffic monitoring.While attack is detected,mitigation method would set up the suitable security level;the messages that exceed the level would be dropped.The simulation results show that this mitigation method can detect and defend SIP distributed flooding attacks,and effectively reduce the probability of SIP proxy server or IMS server be attacked.
出处
《小型微型计算机系统》
CSCD
北大核心
2012年第5期995-999,共5页
Journal of Chinese Computer Systems
基金
国家水体污染控制与治理科技重大专项(2009ZX07528-006-05)资助
