Methods and apparatus to mitigate a denial-of-service attack in a voice over internet protocol network
First Claim
1. A method comprising:
- determining call initiation rate statistics;
- determining a denial-of-service attack mitigation rule based on the call initiation rate statistics;
- sending the denial-of-service attack mitigation rule to an attack mitigator via a session initiation protocol NOTIFY message; and
- determining whether to reject a communication session request message based on the denial-of-service attack mitigation rule by:
  - comparing a first parameter of the communication session request message to a second parameter of the denial-of-service attack mitigation rule;
  - sending a session initiation protocol 5XX message to a calling device associated with the communication session request message when the first and second parameters match; and
  - forwarding the communication session request message to an Internet protocol multimedia subsystem core when the first and second parameters do not match.
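The flow of claim 1, sketched as an added example that is not code from the patent. Assumptions: the rule is a dict naming a header and a URI value, the compared parameter is the From URI, the rate threshold is arbitrary, 503 stands in for the 5XX response, and the NOTIFY delivery is represented by passing the rule between functions. The INVITE messages are constructed samples.

```python
import re
from collections import Counter

def invite(user, host):
    """Build a constructed sample INVITE (not captured traffic)."""
    return (f"INVITE sip:bob@example.net SIP/2.0\r\n"
            f"Via: SIP/2.0/UDP {host};branch=z9hG4bK1\r\n"
            f"From: <sip:{user}@{host}>;tag=1\r\n"
            f"To: <sip:bob@example.net>\r\n"
            f"Call-ID: {user}-1@{host}\r\nCSeq: 1 INVITE\r\n\r\n")

# Constructed events: (arrival time in seconds, raw message).
EVENTS = [(0.5 * i, invite("flood", "198.51.100.7")) for i in range(20)]
EVENTS.append((3.0, invite("alice", "192.0.2.10")))

def header(msg, name):
    """Return the value of the first SIP header called `name`, or None."""
    m = re.search(rf"^{re.escape(name)}\s*:\s*(.*?)\r?$", msg, re.I | re.M)
    return m.group(1) if m else None

def uri_in(msg, name):
    """Extract the <...> URI from a header such as From or To."""
    m = re.search(r"<([^>]+)>", header(msg, name) or "")
    return m.group(1) if m else None

def call_rate_stats(events, window):
    """INVITEs per second per From URI over the last `window` seconds."""
    latest = max(t for t, _ in events)
    counts = Counter(uri_in(m, "From") for t, m in events
                     if m.startswith("INVITE ") and t > latest - window)
    return {uri: n / window for uri, n in counts.items()}

def select_rule(stats, max_rate):
    """Pick a rule for the busiest source if it exceeds max_rate (assumed policy)."""
    uri, rate = max(stats.items(), key=lambda kv: kv[1])
    return {"param": "From", "value": uri} if rate > max_rate else None

def mitigate(msg, rule):
    """Compare the request's parameter to the rule's; reject on match, else forward."""
    if rule and uri_in(msg, rule["param"]) == rule["value"]:
        # Echo the headers a SIP response must carry (a full stack also adds a To tag).
        echoed = "".join(f"{h}: {header(msg, h)}\r\n"
                         for h in ("Via", "From", "To", "Call-ID", "CSeq"))
        return "reject", ("SIP/2.0 503 Service Unavailable\r\n" + echoed
                          + "Content-Length: 0\r\n\r\n")
    return "forward", msg  # would go on to the IMS core
```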
Abstract
Methods and apparatus to mitigate a Denial-of-Service (DoS) attack in a voice over Internet protocol (VoIP) network are disclosed. An example method comprises receiving a communication session initiation message from a communication session endpoint, determining whether the communication session endpoint is associated with a probable DoS attack, and sending to the communication session endpoint a communication session initiation response message comprising a DoS header when the communication session endpoint is associated with the probable DoS attack.
16 Claims
5. An apparatus comprising:
- a call statistics analyzer to determine a value representative of a likelihood that a denial-of-service attack is occurring;
- a mitigation rule selector to determine a denial-of-service attack mitigation rule based on the value; and
- a notifier to send the denial-of-service attack mitigation rule to an attack mitigator via a session initiation protocol NOTIFY message, the attack mitigator to determine whether to reject a communication session request message based on the denial-of-service attack mitigation rule by:
  - comparing a first parameter of the communication session request message to a second parameter of the denial-of-service attack mitigation rule;
  - sending a session initiation protocol 5XX message to a calling device associated with the communication session request message when the first and second parameters match; and
  - forwarding the communication session request message to an Internet protocol multimedia subsystem core when the first and second parameters do not match,
- at least one of the call statistics analyzer, the mitigation rule selector, the notifier, or the Internet protocol multimedia subsystem core comprising a logic circuit.
12. A border element for a voice over Internet protocol network, the border element comprising:
- a network interface to send a session initiation protocol SUBSCRIBE message to a denial-of-service attack detector and to receive a session initiation protocol NOTIFY message comprising a denial-of-service attack mitigation rule; and
- an attack mitigator to determine whether to reject a communication session request message based on the denial-of-service attack mitigation rule by:
  - comparing a first parameter of the communication session request message to a second parameter of the denial-of-service attack mitigation rule;
  - sending a session initiation protocol 5XX message to a calling device associated with the communication session request message when the first and second parameters match; and
  - forwarding the communication session request message to an Internet protocol multimedia subsystem core when the first and second parameters do not match,
- at least one of the network interface, the attack mitigator, or the Internet protocol multimedia subsystem core comprising a logic circuit.
Specification