A Novel Approach for Efficient Mitigation against the SIP-Based DRDoS Attack
Abstract
:1. Introduction
- Our Main Contributions:
- We present an improved defense approach and show its efficacy for mitigating the SIP-based DRDoS attack. The proposed enhanced defense mechanism consists of statistics, inspection, and action modules. The statistics module has SIP protocol sniffing and analysis capabilities to perform real-time monitoring of the network traffic and detect attacks. The inspection module has a deep protocol analyzer that is triggered in case of an anomaly. It creates dynamic rate-limiting rules and checks dynamic thresholds by inspecting suspected traffic in regard to SIP specifications. The action module is unique with advanced detection, notification, and action mechanisms that are adapted to the SIP protocol specifications.
- To the best of our knowledge, this is the first study to propose a defense mechanism specifically designed to mitigate SIP-based DRDoS attacks. Our approach represents a significant advancement over the existing defense mechanisms that are often limited in their ability to effectively combat these types of attacks.
- We implement our defense mechanism successfully in a VoIP/SIP test environment that simulates a real enterprise-grade SIP network. Our experimental results show that our defense mechanism is able to do a deep packet analysis for SIP traffic and detect and mitigate ongoing SIP flood attacks by dropping attack packets and letting only legitimate packets pass through. We show that the CPU usage of the SIP proxy under an SIP-DRDoS attack with around 1 Gbps traffic is effectively reduced from down to within 6 min after our defense mechanism is activated.
- Our results demonstrate the potential of our defense mechanism to effectively protect VoIP systems against SIP-based DRDoS attacks which are a significant security threat to these systems. Our proposed enhanced defense approach provides a strong solution for protecting against SIP-based DRDoS attacks and can be integrated into existing security systems to improve the overall resilience of SIP networks.
2. Related Work
3. Background on DoS/DDoS Attacks and Defense Mechanisms
Taxonomy of DDoS Defense Mechanisms
- Resource accounting: privilege and behavior-based access to resources.
- Resource multiplication: increasing the bandwidth of links, deploying load balancers (a costly method).
- Resource pricing: adding a cost to resources on a computational basis.
- DoS-aware algorithms: implementing operating system (OS)-based basic algorithms that can do periodical scans.
- Traffic flow monitoring: utilizing tools to monitor network traffic to identify traffic characteristics.
- Traffic volume monitoring: sample-and-hold method and multistage filter methods.
- Source IP address monitoring: based on the fact that the source IP address is known for legitimate traffic but unknown for DDoS attack traffic.
- Monitoring other features: content and IP header filtering.
- IP hopping: detecting the change of IP address without a change in the physical location.
- Load balancing: balancing the load on servers in a multiple-server architecture for improved performance.
- TCP-migrate: migrating active TCP connections to establish a secure connection by using a cryptographic cookie and sending a new SYN request.
- Mutable service: relocation of services through a secure Domain Name System (DNS) server.
4. Implementing the SIP-DRDoS Attack
5. A Novel Protection Mechanism against the SIP-DRDoS Attack
5.1. Proposed Defense Mechanism in Detail: Components and Workflow
- Statistics Module:
- average network traffic rate for the sampling period;
- network traffic rate at present;
- the highest momentary network traffic rate within the selected time period;
- .
- ;
- ;
- ;
- .
- Traffic rate control: and values are compared. If is larger than , an attack is presumed, and the inspection module is triggered.
- Packet rate control: If is larger than , based on the number of SIP connections per second or the number of requested packets per second, an attack is presumed and the inspection module is triggered.
- Inspection Module:
- Condition 1: SIP connection requests coming from a single IP address are counted per second. All SIP INVITE and SIP REGISTER messages are considered incoming connections. The statistics module’s rate limits are utilized to decide if the action module needs to be triggered.
- Condition 2: SIP connection requests directed towards a single IP address are counted per second. All SIP INVITE and SIP REGISTER messages are considered incoming connections. The statistics module’s rate limits are utilized to decide if the action module needs to be triggered.
- Condition 3: SIP connection requests from a single IP address are counted per second, including reflected requests. The statistics module’s rate limits are utilized to decide if the action module needs to be triggered.
- Condition 4: SIP connection requests towards a single IP address are counted per second, including reflected requests. The statistics module’s rate limits are utilized to decide if the action module needs to be triggered.
- Action Module:
- Detect mode: If the present rate of SIP traffic is larger than Suspect Limit, the system notifies the operator of a threshold violation.
- Drop mode: If the present rate of the SIP traffic is larger than Attack Limit, SIP packets are dropped for 5 min.
- Block mode: After Drop Mode is activated, if the present rate of SIP traffic is above of the inbound packet rate limit, then SIP packets are blocked for 5 min.
5.2. Placement on the Network
6. Implementation Results
- Detection time: the time required for the detection module to identify the presence of an attack and trigger the mitigation process;
- Attack intensity: the rate at which the attack traffic is generated, measured in packets per second;
- CPU usage: the percentage value of the SIP server’s CPU utilization during the attack and the mitigation processes;
- False positive rate: the number of legitimate traffic packets that are mistakenly identified as attack traffic and dropped by the mitigation module.
7. Conclusions
8. Discussion
Author Contributions
Funding
Institutional Review Board Statement
Data Availability Statement
Conflicts of Interest
References
- Leu, F. A novel network mobility handoff scheme using SIP and SCTP for multimedia applications. J. Netw. Comput. Appl. 2009, 32, 1073–1091. [Google Scholar] [CrossRef]
- Yee, Y.C.; Choong, K.N.; Low, A.L.Y.; Tan, S.W. SIP-based proactive and adaptive mobility management framework for heterogeneous networks. J. Netw. Comput. Appl. 2008, 31, 771–792. [Google Scholar] [CrossRef]
- Bah, S.; Glitho, R.; Dssouli, R. A SIP servlets-based framework for service provisioning in stand-alone MANETs. J. Netw. Comput. Appl. 2013, 36, 147–155. [Google Scholar] [CrossRef]
- Revathi, P. Flow and rank correlation based detection against Distributed Reflection Denial of Service attack. In Proceedings of the 2014 International Conference on Recent Trends in Information Technology, Chennai, India, 10–12 April 2014; Volume 6, pp. 10–12. [Google Scholar]
- Tas, I.M.; Ugurdogan, B.; Tas, H. Integrating VoIP/UC Security into the Holistic Information Security Planning. In Proceedings of the 2015 23rd Signal Processing and Communications Applications Conference (SIU), Malatya, Turkey, 16–19 May 2015; Volume 23, pp. 771–792. [Google Scholar]
- CFCA Fraud Loss Survey. 2019. Available online: https://www.cfca.org/fraudlosssurvey (accessed on 25 January 2023).
- Bessis, T.; Gurbani, V.K.; Rana, A. Session initiation protocol firewall for the IP multimedia subsystem core. Bell Labs Tech. J. 2011, 15, 1–7. [Google Scholar] [CrossRef]
- Johnston, A.B. SIP: Understanding the Session Initiation Protocol, 2nd ed.; Artech House: Boston, MA, USA, 2004; Volume 1, pp. 168–687. [Google Scholar]
- Tsunoda, H.; Ohta, K.; Yamamoto, A.; Ansari, N.; Waizumi, Y.; Nemoto, Y. Detecting DRDoS attacks by a simple response packet confirmation mechanism. Comput. Commun. 2008, 31, 3299–3306. [Google Scholar] [CrossRef]
- Mohana Priya, P.; Akilandeswari, V.; Mercy Shalinie, S.; Lavanya, V.; Shanmuga Priya, M. The Protocol Independent Detection and Classification (PIDC) system for DRDoS attack. In Proceedings of the 2014 International Conference on Recent Trends in Information Technology, Chennai, India, 10–12 April 2014; pp. 1–7. [Google Scholar]
- Thomas, D.R.; Clayton, R.; Beresford, A.R. 1000 days of UDP amplification DDoS attacks. In Proceedings of the 2017 APWG Symposium on Electronic Crime Research (eCrime), Phoenix, AZ, USA, 25–27 April 2017; pp. 79–84. [Google Scholar]
- Stanek, J.; Kencl, L. SIPp-DD: SIP DDoS Flood-Attack Simulation Tool. In Proceedings of the 20th International Conference on Computer Communications and Networks (ICCCN), Maui, HI, USA, 31 July–4 August 2011; pp. 1–7. [Google Scholar]
- Tas, I.M.; Unsalver, B.G.; Baktir, S. Our Proposed SIP-Based Distributed Reflection Denial of Service (DRDoS) Attacks & Effective Defense Mechanism. In Proceedings of the 2nd Interdisciplinary Cyber Research Workshop 2016, Tallinn, Estonia, 2 July 2016; pp. 15–16. [Google Scholar]
- Tas, I.M.; Unsalver, B.G.; Baktir, S. A Novel SIP Based Distributed Reflection Denial-of-Service Attack and an Effective Defense Mechanism. IEEE Access 2020, 8, 112574–112584. [Google Scholar] [CrossRef]
- Tas, I.M.; Ugurdogan, B.; Baktir, S. Novel session initiation protocol-based distributed denial-of-service attacks and effective defense strategies. Comput. Secur. 2016, 63, 29–44. [Google Scholar] [CrossRef]
- Bou-Harb, E.; Debbabi, M.; Assi, C. Cyber Scanning: A Comprehensive Survey. IEEE Commun. Surv. Tutor. 2014, 16, 1496–1519. [Google Scholar] [CrossRef]
- Voznak, M.; Safarik, J. DoS Attacks Targeting SIP Server and Improvements of Robustness. Int. J. Math. Comput. Simul. 2012, 6, 177–184. [Google Scholar]
- Paxson, V. An analysis of using reflectors for distributed denial-of-service attacks. ACM SIGCOMM Comput. Commun. Rev. 2001, 31, 38–47. [Google Scholar] [CrossRef] [Green Version]
- Santanna, J.J.; van Rijswijk-Deij, R.; Hofstede, R.; Sperotto, A.; Wierbosch, M.; Granville, L.Z.; Pras, A. Booters An analysis of DDoS-as-a-service attacks. In Proceedings of the 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), Ottawa, ON, Canada, 11–15 May 2015; pp. 243–251. [Google Scholar]
- Mirkovic, J.; Prier, G.; Reiher, P. Attacking DDoS at the source. In Proceedings of the 10th IEEE International Conference on Network Protocols, Paris, France, 12–15 November 2002; pp. 312–321. [Google Scholar]
- Sisalem, D.; Kuthan, J.; Ehlert, S. Denial of Service Attacks and SIP Infrastructure: Attack scenarios and prevention mechanisms. IEEE Netw. 2006, 20, 26–31. [Google Scholar] [CrossRef]
- Boro, D.; Basumatary, H.; Goswami, T.; Bhattacharyya, D.K. UDP Flooding Attack Detection Using Information Metric Measure. In Proceedings of the International Conference on ICT for Sustainable Development, Amsterdam, The Netherlands, 29 August–1 September 2016; pp. 143–153. [Google Scholar]
- Vennila, G.; Manikandan, M.S.K. A Scalable Detection Technique for Real-time Transport Protocol (RTP) Flooding Attacks in VoIP Network. Procedia Comput. Sci. 2016, 93, 893–901. [Google Scholar] [CrossRef] [Green Version]
- Gao, Y.; Feng, Y.; Kawamoto, J.; Sakurai, K. A Machine Learning Based Approach for Detecting DRDoS Attacks and Its Performance Evaluation. In Proceedings of the 2016 11th Asia Joint Conference on Information Security (AsiaJCIS), Fukuoka, Japan, 4–5 August 2016; pp. 80–86. [Google Scholar]
- Rebahi, Y.; Nassar, M.; Magedanz, T.; Festor, O. A survey on fraud and service misuse in voice over IP (VoIP) networks. Inf. Secur. Tech. Rep. 2011, 16, 12–19. [Google Scholar] [CrossRef]
- Vennila, G.; Shalini, N.S.; Manikandan, M. Performance analysis of VoIP spoofing attacks using classification algorithms. In Proceedings of the 2014 Applications and Innovations in Mobile Computing (AIMoC), Kolkata, India, 27 February–1 March 2014; pp. 193–198. [Google Scholar]
- Garcia-Teodoro, P.; Diaz-Verdejo, J.; Macia-Fernandez, G.; Vazquez, E. Anomaly-based network intrusion detection: Techniques, systems and challenges. Comput. Secur. 2009, 28, 18–28. [Google Scholar] [CrossRef]
- Fachkha, C.; Debbabi, M. Darknet as a Source of Cyber Intelligence: Survey, Taxonomy, and Characterization. IEEE Commun. Surv. Tutor. 2016, 18, 1197–1227. [Google Scholar] [CrossRef]
- Liu, C.; Xiong, G.; Liu, J.; Gou, G. Detect the reflection amplification attack based on UDP protocol. In Proceedings of the 2015 10th International Conference on Communications and Networking in China (ChinaCom), Shanghai, China, 15–17 August 2015; pp. 260–265. [Google Scholar]
- Tariq, U.; Malik, Y.; Abdulrazak, B. Defense and Monitoring Model for Distributed Denial of Service Attacks. Procedia Comput. Sci. 2012, 10, 1052–1056. [Google Scholar] [CrossRef] [Green Version]
- Mirkovic, J.; Reiher, P. A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput. Commun. Rev. 2004, 34, 39–53. [Google Scholar] [CrossRef]
- Angrisani, L.; Moriello, R.S.L.; Lelio, M.D.; Morabito, P.; Vadursi, M. Design and implementation of a reconfigurable test-bed for real-time security measurements in VoIP systems. Measurement 2013, 46, 3691–3700. [Google Scholar] [CrossRef]
- Farley, R.; Wang, X. Exploiting VoIP softphone vulnerabilities to disable host computers: Attacks and mitigation. Int. J. Crit. Infrastruct. Prot. 2014, 7, 141–154. [Google Scholar] [CrossRef]
- Dantu, R.; Fahmy, S.; Schulzrinne, H.; Cangussu, J. Issues and challenges in securing VoIP. Comput. Secur. 2009, 28, 743–753. [Google Scholar] [CrossRef]
- Ehlert, S.; Wang, C.; Magedanz, T.; Sisalem, D. Specification-Based Denial-of-Service Detection for SIP Voice-over-IP Networks. In Proceedings of the 2008 The Third International Conference on Internet Monitoring and Protection, Bucharest, Romania, 29 June–5 July 2008; pp. 59–66. [Google Scholar]
- Ehlert, S.; Geneiatakis, D.; Magedanz, T. Survey of network security systems to counter SIP-based denial-of-service attacks. Comput. Secur. 2010, 29, 225–243. [Google Scholar] [CrossRef]
- Hussain, I.; Nait-Abdesselam, F. Strategy based proxy to secure user agent from flooding attack in SIP. In Proceedings of the 2011 7th International Wireless Communications and Mobile Computing Conference, Istanbul, Turkey, 4–8 July 2011; pp. 430–435. [Google Scholar]
- Hussain, I.; Djahel, S.; Zhang, Z.; Nait-Abdesselam, F. A comprehensive study of flooding attack consequences and countermeasures in session initiation protocol (SIP). Secur. Commun. Netw. 2015, 8, 4436–4451. [Google Scholar] [CrossRef]
- Wei, W.; Chen, F.; Xia, Y.; Jin, G. A Rank Correlation Based Detection against Distributed Reflection DoS Attacks. IEEE Commun. Lett. 2013, 17, 173–175. [Google Scholar] [CrossRef]
- Tan, Z.; Jamdagni, A.; He, X.; Nanda, P.; Liu, R.P. A System for Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis. IEEE Trans. Parallel Distrib. Syst. 2014, 25, 447–456. [Google Scholar]
- Semerci, M.; Cemgil, A.; Sankur, B. An Intelligent Cyber Security System Against DDoS Attacks in SIP Networks. Comput. Netw. 2018, 136, 137–154. [Google Scholar] [CrossRef]
- Zargar, S.T.; Joshi, J.; Tipper, D. A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks. IEEE Commun. Surv. Tutor. 2013, 15, 2046–2069. [Google Scholar] [CrossRef] [Green Version]
- Dassouki, K.; Safa, H.; Nassar, M.; Hijazi, A. Protecting from Cloud-based SIP flooding attacks by leveraging temporal and structural fingerprints. Comput. Secur. 2017, 70, 618–633. [Google Scholar] [CrossRef]
- Shah, Z.; Ullah, I.; Li, H.; Levula, A.; Khurshid, K. Blockchain Based Solutions to Mitigate Distributed Denial of Service (DDoS) Attacks in the Internet of Things (IoT): A Survey. Sensors 2022, 22, 1094. [Google Scholar] [CrossRef]
- Kurt, B.; Yildiz, C.; Ceritli, T.Y.; Sankur, B.; Cemgil, A.T. A Bayesian change point model for detecting SIP-based DDoS attacks. Digit. Signal Process. 2018, 77, 48–62. [Google Scholar] [CrossRef]
- Tang, J.; Cheng, Y.; Hao, Y.; Song, W. SIP Flooding Attack Detection with a Multi-Dimensional Sketch Design. IEEE Trans. Dependable Secur. Comput. 2014, 11, 582–595. [Google Scholar] [CrossRef]
- Nazih, W.; Hifny, Y.; Elkilani, W.S.; Dhahri, H.; Abdelkader, T. Countering DDoS Attacks in SIP Based VoIP Networks Using Recurrent Neural Networks. Sensors 2020, 20, 5875. [Google Scholar] [CrossRef]
- Amalou, W.; Mehdi, M. An Approach to Mitigate DDoS Attacks on SIP Based VoIP. Eng. Proc. 2022, 14, 6. [Google Scholar]
- Xu, R.; Cheng, J.; Wang, F.; Tang, X.; Xu, J. A DRDoS Detection and Defense Method Based on Deep Forest in the Big Data Environment. Symmetry 2019, 11, 78. [Google Scholar] [CrossRef]
- Nazih, W.; Elkilani, W.S.; Dhahri, H.; Abdelkader, T. Survey of Countering DoS/DDoS Attacks on SIP Based VoIP Networks. Electronics 2020, 9, 1827. [Google Scholar] [CrossRef]
- Keshariya, A.; Foukia, N. DDoS Defense Mechanisms: A New Taxonomy. In Proceedings of the Data Privacy Management and Autonomous Spontaneous Security, St. Malo, France, 24–25 September 2009; pp. 222–236. [Google Scholar]
- Tas, I.M.; Tas, H.; Oz, H.B. Cracking the SIP Authentication with a Hybrid Password Cracking Method Specified for SIP Applications. 2014. Available online: https://web.archive.org/web/20220709111334if_/http://www.satee.uab.ro/upls/volum_SATEE_2014.pdf#page=91&zoom=100,45,73 (accessed on 28 November 2022).
- Zoiper SIP Client (Softphone). 2017. Available online: https://www.zoiper.com (accessed on 25 January 2023).
- X-Lite SIP Client (Softphone). 2017. Available online: https://www.counterpath.com/x-lite/ (accessed on 25 January 2023).
- Sassani, B.A.; Abarro, C.; Pitton, I.; Young, C.; Mehdipour, F. Analysis of NTP DRDoS attacks’ performance effects and mitigation techniques. In Proceedings of the 2016 14th Annual Conference on Privacy, Security and Trust (PST), Auckland, New Zealand, 12–14 December 2016; pp. 421–427. [Google Scholar]
- Liu, B.; Berg, S.; Li, J.; Wei, T.; Zhang, C.; Han, X. The store-and-flood distributed reflective denial of service attack. In Proceedings of the 2014 23rd International Conference on Computer Communication and Networks (ICCCN), Shanghai, China, 4–7 August 2014; pp. 1–8. [Google Scholar]
- Ben-Porat, U.; Bremler-Barr, A.; Levy, H. Vulnerability of Network Mechanisms to Sophisticated DDoS Attacks. IEEE Trans. Comput. 2013, 62, 1031–1043. [Google Scholar] [CrossRef]
- Mirkovic, J.; Prier, G.; Reiher, P. Source-end DDoS defense. In Proceedings of the Second IEEE International Symposium on Network Computing and Applications, NCA 2003, Cambridge, MA, USA, 16–18 April 2003; pp. 171–178. [Google Scholar]
- Yaar, A.; Perrig, A.; Song, D. StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense. IEEE J. Sel. Areas Commun. 2006, 24, 1853–1863. [Google Scholar] [CrossRef] [Green Version]
- Bermudez-Edo, M.; Salazar-Hernandez, R.; Diaz-Verdejo, J.; Garcia-Teodoro, P. Proposals on assessment environments for anomaly-based network intrusion detection system. Crit. Inf. Infrastruct. Secur. 2006, LNCS 4347, 210–221. [Google Scholar]
- Rosenberg, J.; Schulzrinne, H.; Camarillo, G.; Johnston, A.; Peterson, J.; Sparks, R.; Handley, M.; Schooler, E. SIP: Session Initiation Protocol. 2002. Available online: https://tools.ietf.org/html/rfc3261 (accessed on 25 January 2023).
- Wang, H.; Jin, C.; Shin, K.G. Defense Against Spoofed IP Traffic Using Hop-Count Filtering. IEEE ACM Trans. Netw. 2007, 15, 40–53. [Google Scholar] [CrossRef] [Green Version]
- Pereira, D.; Oliveira, R. Detection of Abnormal SIP Signaling Patterns: A Deep Learning Comparison. Computers 2022, 11, 27. [Google Scholar] [CrossRef]
- Lansky, J.; Ali, S.; Mohammadi, M.; Majeed, M.K.; Karim, S.H.T.; Rashidi, S.; Hossein, M.; Rahmani, A.M. Deep Learning-Based Intrusion Detection Systems: A Systematic Review. IEEE Access 2021, 9, 101574–101599. [Google Scholar] [CrossRef]
- Charmet, F.; Tanuwidjaja, H.C.; Ayoubi, S.; Giemenez, P.; Han, Y.; Jmila, H.; Blanc, G.; Takahashi, T.; Zhang, Z. Explainable artificial intelligence for cybersecurity: A literature survey. Ann. Telecommun. 2022, 77, 789–812. [Google Scholar] [CrossRef]
- Capuana, N.; Fenza, G.; Loia, V.; Stanzione, C. Explainable Artificial Intelligence in Cybersecurity: A Survey. IEEE Access 2022, 10, 93575–93600. [Google Scholar] [CrossRef]
Related Work | Attack Type | Detection Method | Response Method | Real-Time Capability |
---|---|---|---|---|
[23,24] | RTP flooding | Hellinger distance | Dynamic rate limiting | Yes |
[30] | DDoS | Network-wide anomaly analysis | Monitoring scheme | No |
[32] | Various | Testbed simulation | Security policy and configuration | No |
[33] | Softphone vuln. exploitation | Context-aware filtering | NAT implementation SIP authentication | No No |
[44] | DDoS in IoT devices | Blockchain-based detection | Blockchain-based mitigation | No |
[43] | Cloud-based SIP flooding | Temporal and structural fingerprints | Fingerprint whitelist DB | Yes |
[46] | SIP flooding | Multidimentional sketch w/Hellinger distance | Selectively discard SIP messages | Yes |
[47] | DDoS | Recurrent neural networks w/token | Discard SIP messages | Yes |
[48] | SIP-based DDoS | Deep packet inspection (DPI) | New attack detection rules | Yes Yes |
[49] | DRDoS | Deep forest model | Filtering w/differentiated service procedure | No |
[15] | SIP-based DDoS | Statistical analysis, | Drop attack packets | Yes |
Our approach | SIP-based DRDoS | Statistical analysis, packet inspection | Drop attack packets | Yes |
User Type | Attack Intensity (pps) | CPU Usage during Attack (%) | CPU Usage after Defense (%) | Detection Time (s) | False Positive Rate (%) |
---|---|---|---|---|---|
Random | 1,000,000 | 74 | 20 | 12.2 | 0.3 |
Nonregistered | 1,000,000 | 67 | 17 | 13.3 | 0.2 |
Registered | 1,000,000 | 72 | 19 | 14.6 | 0.1 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Tas, I.M.; Baktir, S. A Novel Approach for Efficient Mitigation against the SIP-Based DRDoS Attack. Appl. Sci. 2023, 13, 1864. https://doi.org/10.3390/app13031864
Tas IM, Baktir S. A Novel Approach for Efficient Mitigation against the SIP-Based DRDoS Attack. Applied Sciences. 2023; 13(3):1864. https://doi.org/10.3390/app13031864
Chicago/Turabian StyleTas, Ismail Melih, and Selcuk Baktir. 2023. "A Novel Approach for Efficient Mitigation against the SIP-Based DRDoS Attack" Applied Sciences 13, no. 3: 1864. https://doi.org/10.3390/app13031864
APA StyleTas, I. M., & Baktir, S. (2023). A Novel Approach for Efficient Mitigation against the SIP-Based DRDoS Attack. Applied Sciences, 13(3), 1864. https://doi.org/10.3390/app13031864