Show simple item record

dc.contributor.authorFebro, Aldo
dc.contributor.authorXiao, Hannan
dc.contributor.authorSpring, William
dc.date.accessioned2018-12-21T15:04:06Z
dc.date.available2018-12-21T15:04:06Z
dc.date.issued2018-07-06
dc.identifier.citationFebro , A , Xiao , H & Spring , W 2018 , Telephony Denial of Service Defense at Data Plane (TDoSD@DP) . in IEEE/IFIP Network Operations and Management Symposium : Cognitive Management in a Cyber World, NOMS 2018 . IEEE , pp. 1-6 , The First IEEE Workshop on Programmable Data Plane (PDP) in the IEEE/IFIP Network Operations and Management Symposium 2018 , 23/04/18 . https://doi.org/10.1109/NOMS.2018.8406281
dc.identifier.citationconference
dc.identifier.isbn9781538634165
dc.identifier.otherPURE: 13580006
dc.identifier.otherPURE UUID: 08b1a8bb-df3a-430e-b66e-0b4090970875
dc.identifier.otherScopus: 85050679600
dc.identifier.otherORCID: /0000-0002-2251-2838/work/60314469
dc.identifier.otherORCID: /0000-0003-2273-6679/work/62749213
dc.identifier.urihttp://hdl.handle.net/2299/20901
dc.description.abstractThe Session Initiation Protocol (SIP) is an application-layer control protocol used to establish and terminate calls that are deployed globally. A flood of SIP INVITE packets sent by an attacker causes a Telephony Denial of Service (TDoS) incident, during which legitimate users are unable to use telephony services. Legacy TDoS defense is typically implemented as network appliances and not sufficiently deployed to enable early detection. To make TDoS defense more widely deployed and yet affordable, this paper presents TDoSD@DP where TDoS detection and mitigation is programmed at the data plane so that it can be enabled on every switch port and therefore serves as distributed SIP sensors. With this approach, the damage is isolated at a particular switch and bandwidth saved by not sending attack packets further upstream. Experiments have been performed to track the SIP state machine and to limit the number of active SIP session per port. The results show that TDoSD@DP was able to detect and mitigate ongoing INVITE flood attack, protecting the SIP server, and limiting the damage to a local switch. Bringing the TDoS defense function to the data plane provides a novel data plane application that operates at the SIP protocol and a novel approach for TDoS defense implementation.en
dc.format.extent6
dc.language.isoeng
dc.publisherIEEE
dc.relation.ispartofIEEE/IFIP Network Operations and Management Symposium
dc.subjectData plane
dc.subjectDDoS
dc.subjectDoS
dc.subjectP4
dc.subjectSDN
dc.subjectSIP
dc.subjectSafety, Risk, Reliability and Quality
dc.subjectComputer Networks and Communications
dc.subjectInformation Systems and Management
dc.subjectControl and Optimization
dc.titleTelephony Denial of Service Defense at Data Plane (TDoSD@DP)en
dc.contributor.institutionCentre for Computer Science and Informatics Research
dc.contributor.institutionSchool of Computer Science
dc.identifier.urlhttp://www.scopus.com/inward/record.url?scp=85050679600&partnerID=8YFLogxK
rioxxterms.versionAM
rioxxterms.versionofrecordhttps://doi.org/10.1109/NOMS.2018.8406281
rioxxterms.typeOther
herts.preservation.rarelyaccessedtrue


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record