Czech language  English language

Publications & Reports - Document Abstract

Jan Stanek, LukŠö Kencl
SIPp-DD: SIP DDoS Flood-Attack Simulation Tool
20th International Conference on Computer Communications and Networks (ICCCN)
First International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST)
31 July - August 4, 2011 | Maui, HI, USA

With the growing popularity of Voice-over-IP communication and of the SIP protocol, mobile networks including, denial-of-service attacks against the signaling are an ncreasingly menacing threat. We present SIPp-DD, a tool for generating real-like SIP DDoS flood attacks. SIPp-DD modifies the popular SIPp call generator and offers the option to spoof source IP addresses and ports of the generated messages. For flexibility, any set of source IP addresses and ports can be input, using a text file. To create real-like attacks, we analyze some of the publicly available DDoS flood attacks, derive typical distributions of address and packet populations and employ those in attack generation. We compare the generator outputs with the real analyzed DDoS floods and demonstrate the tool applicability by performing a DDoS attack within a real SIP-server testbed.

This work was kindly supported by Grant No. 315R1/2009 of the CESNET Fond rozvoje,


R&D Centre (RDC) for Mobile Applications
Dept of Telecommunications Engineering
Faculty of Electrical Engineering
Czech Technical University in Prague
Technick√° 2, 166 27 Prague 6
Czech Republic

Tel.: (+420) 224 355 991
Fax.: (+420) 233 335 999