Stop the flood - Perimeter security- and overload- pre-evaluation in carrier grade VoIP infrastructures

Abstract

With the upcoming introduction of the Session Initiation Protocol to carrier grade telecommunication infrastructures, the threat of attacks is increasing massively. Multiple types of unsolicited communication, like high and low rate Denial-of-Service attacks as well as Spam over Internet Telephony driven by Botnets will be an upcoming risk for all telecommunication operators. In this document, we introduce an enhanced Session Border Controller which is able to detect high-rate DoS attacks and which will mark all forwarded requests with a value indicating the "quality" of the request. This value, which we denote as "dropability", reflects the effort the system has already invested for this request. This dropability-value depends amongst other presented factors on the spam-probability and the economic- or QoS-effect of this request. This introduced value supports overloaded core-components to decide with minimum processing effort, which requests to drop first and which requests have severe effects on the customers perception or the economic income of the carrier. © 2012 Springer-Verlag.