International Journal of Computer Science and Telecommunications
Voice over Internet Protocol (VoIP) services are based on standardized and open technologies (i.e., SIP, H.323) using servers reachable through the Internet, implemented in software and provided often over general purpose computing hardware. Therefore, such services can suffer from various security threats as denial of service attacks. In this paper, the authors present a new hybrid (anomaly and misuse) SIP flooding attack detection algorithm, which overcomes the existing problems in many of other detection algorithms. The proposed algorithm is tested using simulated traffic datasets, and compared with three well known anomaly algorithms and one misuse detection algorithm. The test results show that the new algorithm has high detection accuracy and high completeness.