Quick Detection of Stealthy SIP Flooding Attacks in VoIP Networks
Denial of Service (DoS) attacks such as the SIP flooding pose great threats to normal operations of VoIP networks, and can bear various forms to elude detection. In this paper, the authors address the stealthy SIP flooding attack, where intelligent attackers deliberately increase the flooding rates in a slow pace. As the attack only gradually influences the traffic, it can effectively be disguised from previous SIP flooding detection methods. In order to identify the stealthy attack in its early stage for timely response, they propose a detection scheme based on the signal processing technique wavelet, which is able to quickly expose the changes induced by the attack.