A Novel Approach for Efficient Mitigation against the SIP-Based DRDoS Attack

Voice over Internet Protocol (VoIP) and its underlying Session Initiation (SIP) are widely deployed technologies since they provide an efficient fast means of both voice data communication a single network. However, in spite their advantages, also have security threats due to the inherent vulnerabilities (IP) that can potentially be exploited by hackers. This study introduces novel defense mechanism effectively combat advanced attacks exploit identified some less-known features SIP. The SIP-DRDoS (SIP-based distributed reflection denial service) attack, which survive existing systems, is attack performed on SIP network through multiplication legitimate traffic. In this study, we propose consists statistics, inspection, action modules mitigate attack. We implement utilizing our SIP-based audit software VoIP/SIP lab environment simulates enterprise-grade then utilize tool realize against Our experimental results prove approach do deep packet analysis for traffic, detect flood attacks, them dropping packets. While with around 1 Gbps traffic dramatically escalates CPU (central processing unit) usage server up 74%, reduces it down 17% within 6 min after initiated. represents significant advancement mechanisms demonstrates potential protect VoIP systems DRDoS attacks.