| The NGN (Next Generation Network) is a packet-based network with highly openarchitecture, which give service providers and users more abundant business. Softswitch what is the switching functional entity realized by the software, is the callingande controling core of NGN.The fusion characteristics of soft switch can provide userswith multi-business for the existing circuit switching, and provide third partyprogramming interface in order to develop new business. The SIP protocol is a real timecommunication protocol based on a IP network, which mainly used for the creation,modification and termination of multi-media session. The SIP protocol which is widelyused in IP phone, user agent, network proxy server, VoIP server, media server and otherfields, is a commonly used standards.Along with the telecommunication network entered the NGN era more ande morequickly, different from the traditional PSTN telephone network’s closed and lowintelligent characteristics, it provides more and more interfaces which not only greatlyenrich the telecommunication business, but also facing more and more securityvulnerabilities at the same time. The Voice-DoS attack on Softswitch environment usesthe means of occuping the user’s voice channel resources to destroy the user’sconnection rate, inorder to destroy the user’s normal voice-calling service. At present,the research of this kind of attacking mode is a little, and the detection methods alsolack verifications. Through analyzing the attack principle, attack mode and userbehavior of Voice-DoS, this article presents a detcting method for Voice-DoS attackwhich based on SIP call flow.Firstly, the soft switching system and SIP protocol are introduced detailedly. Thedissertation discusses softswitch system characteristics and advantages as well asfocuses on analysis of SIP session call flow. This is technical background of the Voice-DoS attack.Secondly, in order to understand Voice-DoS attacks detailedly, the dissertationanalyzes the principle, attacking mode and user behavior by comparing the traditionalDoS attack, selects the appropriate parameter model, simulate the Voice-DoS attack’s call flow, and briefly introduces the defense system of Voice-DoS attack on softswitchdevelopment.Thirdly, the dissertation proposes an efficient two stage threshold detection methodon Bayesian probability algorithm through the analysis of existing SPIT (spam overinternet telephony) detection method. The first stage detection is call flow filtering, andthe second stage mainly uses Bayesian probability algorithm to calculate the multipleconditional probability when user received attacks.Then, through the instantiation of attack pattern, the dissertation designs severalattack scenarios in order to verify the detection method function as well as analysis itsperformance. The simulation results show that the method can efficiently detectattackings with lower computation, as well as has high detection efficiency andreal-time performance.Finally, this dissertation makes a conclusion of all the study and research above.And it makes a suggestion and indication of future work. |
PDF Full Text Request