Publications & Reports - Document Abstract
Jan Stanek, Lukáš Kencl
SIPp-DD: SIP DDoS Flood-Attack Simulation Tool
20th International Conference on Computer Communications and Networks (ICCCN)
First International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST)
31 July - August 4, 2011 | Maui, HI, USA
With the growing popularity of Voice-over-IP communication and of the SIP protocol, mobile networks including, denial-of-service attacks against the signaling are an ncreasingly menacing threat. We present SIPp-DD, a tool for generating real-like SIP DDoS flood attacks. SIPp-DD modifies the popular SIPp call generator and offers the option to spoof source IP addresses and ports of the generated messages. For flexibility, any set of source IP addresses and ports can be input, using a text file. To create real-like attacks, we analyze some of the publicly available DDoS flood attacks, derive typical distributions of address and packet populations and employ those in attack generation. We compare the generator outputs with the real analyzed DDoS floods and demonstrate the tool applicability by performing a DDoS attack within a real SIP-server testbed.
This work was kindly supported by Grant No. 315R1/2009 of the CESNET Fond rozvoje, fondrozvoje.cesnet.cz.