Unified Comms

An Aggregative Approach for Scalable Detection of DoS Attacks

Free registration required

Executive Summary

In Voice Over IP (VoIP) systems, intruders can launch DoS attacks by establishing a large number of open connections to prevent the system from serving legitimate users. Existing defenses against DoS attacks on VoIP systems maintain full state information and thus are not scalable to implement at core routers. To this end, the authors adopt a two-layer aggregation scheme, termed Advanced Partial Completion Filters (APCF), to defend against DoS attacks without tracking state information of each individual connection. APCF provides adjustable control parameters so that both false alarms and detection rate can be controlled.

  • Format: PDF
  • Size: 227 KB