DETECTING METHOD FOR SIP FLOODING ATTACK OF APPLICATION LAYER URL ADDRESS INFORMATION BASED

摘要

PURPOSE: a kind of to detect the sip server that SIP flood attacks are provided to denial of service attacks based on application layer detection SIP URL address informations and a SIP SCAN attack can be used between property and terminal. ;A kind of CONSTITUTION: SIP packet decodings module (100) decoding SIP groupings. A kind of SIP DoS detection modules (200) inquiry SIP DoS detected rules appropriate detect DB. from SIP DoS according to detection partThe SIP DoS detection modules detect SIP DoS attacks according to SIP DoS detected rules. A kind of SIP DoS traffic card dealing module (300) prevents DoS attack SIP business according to SIP DoS testing results. The SIP DoS traffic card dealing modules send SIP DoS attacks business to SIP cuttings or terminal. ;The 2010 of copyright KIPO submissions