Czech language  English language

Publikace a výzkumné zprávy - detail dokumentu

Jan Stanek, Luk Kencl
SIPp-DD: SIP DDoS Flood-Attack Simulation Tool
20th International Conference on Computer Communications and Networks (ICCCN)
First International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST)
31 July - August 4, 2011 | Maui, HI, USA

With the growing popularity of Voice-over-IP communication and of the SIP protocol, mobile networks including, denial-of-service attacks against the signaling are an ncreasingly menacing threat. We present SIPp-DD, a tool for generating real-like SIP DDoS flood attacks. SIPp-DD modifies the popular SIPp call generator and offers the option to spoof source IP addresses and ports of the generated messages. For flexibility, any set of source IP addresses and ports can be input, using a text file. To create real-like attacks, we analyze some of the publicly available DDoS flood attacks, derive typical distributions of address and packet populations and employ those in attack generation. We compare the generator outputs with the real analyzed DDoS floods and demonstrate the tool applicability by performing a DDoS attack within a real SIP-server testbed.

This work was kindly supported by Grant No. 315R1/2009 of the CESNET Fond rozvoje,


R&D Centre (RDC) for Mobile Applications
Katedra telekomunikacní techniky
Fakulta elektrotechnická
ČVUT v Praze
Technická 2, 166 27 Praha 6
Česká republika

Tel.: (+420) 224 355 991
Fax.: (+420) 233 335 999