Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Session initiation protocol (SIP) distributed denial of service (DDoS) attack distributed defensive system and load balancing method thereof

A load balancing algorithm and defense system technology, applied in the field of VoIP network security and IP communication, can solve the problems of increasing the processing burden of the SIP proxy server, the defense system cannot be used for defense, and the server crashes, and achieves good load balancing characteristics, high message Processing power, effect of high attack detection rate

Active Publication Date: 2013-06-19
中国科学院沈阳计算技术研究所有限公司
View PDF3 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

A system that achieves defense by limiting the message request rate cannot distinguish between normal messages and attack messages, and can only weaken the attack intensity; the defense efficiency of the state firewall system on the SIP network depends on the set security rules, and can only defend against known attacks; flow-based Since the distributed defense system does not consider the characteristics of SIP messages, most of the detection algorithms cannot be used and high false positives and false negatives will be generated; the self-defense system of the SIP proxy server is embedded in the SIP proxy server, which increases the processing burden, which can cause the server to crash in the face of a large number of attack messages
[0005] None of the existing SIP DDoS defense models can achieve active and proactive detection of unknown attacks while effectively defending
At the same time, some main SIP DDoS attack detection algorithms, such as the cumulative sum algorithm and the detection method based on the SIP transaction state machine, etc., have high detection accuracy, but due to the large consumption of resources and slow detection speed, etc. Cannot be used for defense in the defense system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Session initiation protocol (SIP) distributed denial of service (DDoS) attack distributed defensive system and load balancing method thereof
  • Session initiation protocol (SIP) distributed denial of service (DDoS) attack distributed defensive system and load balancing method thereof
  • Session initiation protocol (SIP) distributed denial of service (DDoS) attack distributed defensive system and load balancing method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0063] The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0064] The SIP DDoS attack distributed defense system of the present invention comprises a load balancer (Load Balacer, LB), is connected with a plurality of defense detection nodes, carries out preliminary processing to network flow and uses load balancing algorithm to distribute to each defense detection node; Defense detection node ( Defending and Detecting Node, DDN), process the SIP messages assigned to it, filter out attack messages, and send normal messages to the server.

[0065] The system of the present invention is an intrusion prevention system for defending against SIP DDoS attacks. This embodiment runs on the front end of the SIP server cluster, processes SIP messages sent to the server, defends against SIP DDoS attacks, and protects the SIP server from the harm of the attack. like figure 1 The load balancer in the system shown...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to voice over IP (VoIP) network security and initiation protocol (IP) communication field, in particular to a session initiation protocol (SIP) distributed denial of service (DDoS) attack distributed defensive system and a load balancing method thereof. The SIP DDoS attack distributed defensive system comprises defence detection nodes and a load balancer. The defence detection nodes are connected with the load balancer and are used for circulating load information to the load balancer timely to share a rule base. The load balancer is connected with a plurality of defence detection nodes, is used for sending SIP information to each defence detection node, and updating a defence node balance sheet according to the load information sent by the defence detection nodes. By the adoption of distributed structure, higher information processing ability and better expandability are achieved. Higher attack detection rate and lower false alarm rate are achieved based on the detecting algorithm load balancing method. Load balancing features of each node is achieved by using a load distribution algorithm.

Description

technical field [0001] The invention relates to the fields of VoIP network security and IP communication, in particular to a SIP DDoS attack distributed defense system and a load balancing method thereof. Background technique [0002] With the diversification of people's communication needs, the scope of IP communication has been greatly expanded, and it has begun to evolve from a simple VoIP system (Voice Over IP) to a unified communication (EoIP, Everything Over IP). SIP (session initiation protocol, a signaling control protocol at the application layer) is used to establish, modify and terminate two-party or multi-party multimedia sessions on the IP network. It has become the core protocol of VoIP, IMS, and IPTV because of its simple structure and convenient use. SIP is also used in the NGN architecture defined by ETSI and ITU-T. At the beginning of the design, the SIP protocol fully considered the ease of use and flexibility of the protocol, and did not focus on securit...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08
Inventor 吕昕林浒李鸿彬孙建伟杨蕾张彦功
Owner 中国科学院沈阳计算技术研究所有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com