| dc.contributor.author | Febro, Aldo | |
| dc.contributor.author | Xiao, Hannan | |
| dc.contributor.author | Spring, William | |
| dc.date.accessioned | 2018-12-21T15:04:06Z | |
| dc.date.available | 2018-12-21T15:04:06Z | |
| dc.date.issued | 2018-07-06 | |
| dc.identifier.citation | Febro , A , Xiao , H & Spring , W 2018 , Telephony Denial of Service Defense at Data Plane (TDoSD@DP) . in IEEE/IFIP Network Operations and Management Symposium : Cognitive Management in a Cyber World, NOMS 2018 . Institute of Electrical and Electronics Engineers (IEEE) , pp. 1-6 , The First IEEE Workshop on Programmable Data Plane (PDP) in the IEEE/IFIP Network Operations and Management Symposium 2018 , 23/04/18 . https://doi.org/10.1109/NOMS.2018.8406281 | |
| dc.identifier.citation | conference | |
| dc.identifier.isbn | 9781538634165 | |
| dc.identifier.other | ORCID: /0000-0002-2251-2838/work/60314469 | |
| dc.identifier.other | ORCID: /0000-0003-2273-6679/work/62749213 | |
| dc.identifier.uri | http://hdl.handle.net/2299/20901 | |
| dc.description.abstract | The Session Initiation Protocol (SIP) is an application-layer control protocol used to establish and terminate calls that are deployed globally. A flood of SIP INVITE packets sent by an attacker causes a Telephony Denial of Service (TDoS) incident, during which legitimate users are unable to use telephony services. Legacy TDoS defense is typically implemented as network appliances and not sufficiently deployed to enable early detection. To make TDoS defense more widely deployed and yet affordable, this paper presents TDoSD@DP where TDoS detection and mitigation is programmed at the data plane so that it can be enabled on every switch port and therefore serves as distributed SIP sensors. With this approach, the damage is isolated at a particular switch and bandwidth saved by not sending attack packets further upstream. Experiments have been performed to track the SIP state machine and to limit the number of active SIP session per port. The results show that TDoSD@DP was able to detect and mitigate ongoing INVITE flood attack, protecting the SIP server, and limiting the damage to a local switch. Bringing the TDoS defense function to the data plane provides a novel data plane application that operates at the SIP protocol and a novel approach for TDoS defense implementation. | en |
| dc.format.extent | 6 | |
| dc.format.extent | 990034 | |
| dc.language.iso | eng | |
| dc.publisher | Institute of Electrical and Electronics Engineers (IEEE) | |
| dc.relation.ispartof | IEEE/IFIP Network Operations and Management Symposium | |
| dc.subject | Data plane | |
| dc.subject | DDoS | |
| dc.subject | DoS | |
| dc.subject | P4 | |
| dc.subject | SDN | |
| dc.subject | SIP | |
| dc.subject | Safety, Risk, Reliability and Quality | |
| dc.subject | Computer Networks and Communications | |
| dc.subject | Information Systems and Management | |
| dc.subject | Control and Optimization | |
| dc.title | Telephony Denial of Service Defense at Data Plane (TDoSD@DP) | en |
| dc.contributor.institution | Centre for Computer Science and Informatics Research | |
| dc.contributor.institution | School of Computer Science | |
| dc.identifier.url | http://www.scopus.com/inward/record.url?scp=85050679600&partnerID=8YFLogxK | |
| rioxxterms.versionofrecord | 10.1109/NOMS.2018.8406281 | |
| rioxxterms.type | Other | |
| herts.preservation.rarelyaccessed | true | |
