New Misuse Detection Algorithm for SIP Faked Response Attacks
Session Initiation Protocol (SIP) today is considered the standard protocol for multimedia signaling, and the result is a very generic protocol. SIP is specified by the IETF in RFC 3261. From a structural and functional perspective, SIP is application layer signaling text-based protocol used for creating, modifying, and terminating multimedia communications sessions among Internet endpoints. Unfortunately, SIP-based application services can suffer from various security threats as Denial of Service (DoS) attacks. The existing security solutions of IP network (IPsec, TLS, etc.) cannot detect new SIP specified network attacks because they do not reflect characteristics of SIP.