Detecting and Mitigating Denial-of-Service Attacks on Voice Over IP Networks

Voice over IP (VoIP) is more susceptible to Denial of Service attacks than traditional data traffic, due to the former's low tolerance to delay and jitter. This paper describes the design of their VoIP Vulnerability Assessment Tool (VVAT) with which they demonstrate vulnerabilities to DoS attacks inherent in many of the popular VoIP applications available today. In their threat model they assume an adversary who is not a network administrator, nor has direct control of the channel and key VoIP elements. The aim is to degrade the victim's QoS without giving away the presence by making the attack look like normal network degradation. Even black-boxed applications like Skype that use proprietary protocols show poor performance under specially crafted DoS attacks to its media stream.