International Journal of Advanced and Applied Sciences

Int. j. adv. appl. sci.

EISSN: 2313-3724

Print ISSN: 2313-626X

Volume 3, Issue 9  (September 2016), Pages:  90-96

Title: DDoS attacks in VoIP: a brief review of detection and mitigation techniques

Author(s):  Sambath Narayanan *, Selvakumar Manickam, Yu-Beng Leau


National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia (USM), Penang, Malaysia

Full Text - PDF          XML


Voice communication in recent trends has shown rapid growth in homes and businesses with the development of Voice over Internet Protocol (VoIP). The growth in VoIP subscribers was determined by the increase in VoIP flexibility, Quality of Service and monetary savings. The fall in public switched telephone network and raise in phone portability migrated PSTN to VoIP. The Session initiation protocol being an application layer protocol helps to create session between the caller and the called for bidirectional communication using SIP messages. The VoIP became targeted victim of different attacks as internet became the medium of transmission. The security vulnerabilities arise from new protocols and the existing infrastructure of traditional data network. Flood-based attacks are more threatening and annoying than other attacks. This brief review paper discusses on different types of VoIP attacks along with the existing VoIP detection and mitigation techniques based on Entropy, Wavelet, Sketch and Hellinger distance, Sunshine and RQA are presented. 

© 2016 The Authors. Published by IASE.

This is an open access article under the CC BY-NC-ND license (

Keywords: VoIP, SIP, DDoS, Security

Article History: Received 20 July 2016, Received in revised form 28 August 2016, Accepted 25 September 2016

Digital Object Identifier:


Narayanan S, Manickam S, and Leau YB (2016). DDoS attacks in VoIP: a brief review of detection and mitigation techniques. International Journal of Advanced and Applied Sciences, 3(9): 90-96


Butcher D, Li X and Guo J (2007). Security challenge and defense in VoIP infrastructures. IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews), 37(6): 1152-1162.

Cha EC, Choi HK and Cho SJ (2007). Evaluation of security protocols for the session initiation protocol. The 16th IEEE International Conference on Computer Communications and Networks (ICCCN 2007): 611-616. 10.1109 /ICCCN.2007.4317885

Ekekwe N and Maduka A (2007). Security and risk challenges of voice over IP telephony. The IEEE International Symposium on Technology and Society (ISTAS 2007): 1-3.
Hallock J (2004). A brief history of VoIP. Evolution and Trends in Digital Media Technologies - COM 538. Masters of Communication in Digital Media - University of Washington, http://
Heckstall V (2016). 5 Reasons VoIP is Essential for Business Today. Retrieved 2 May, 2016, Available online at:
Hoffstadt D, Rathgeb E, Liebig M, Meister R, Rebahi Y and Thanh TQ (2014). A comprehensive framework for detecting and preventing VoIP fraud and misuse. The IEEE International Conference on Computing, Networking and Communications (ICNC): 807-813.
IBIS (2015). VoIP in the US: Market Research Report. Retrieved 3 May, 2015, Available online at:
Jeyanthi N, Thandeeswaran R and Vinithra J (2014). Rqa based approach to detect and prevent ddos attacks in voip networks. Cybernetics and Information Technologies, 14(1): 11-24.
Li M and Li M (2009). A new approach for detecting DDoS attacks based on wavelet analysis. 2nd IEEE International Congress on Image and Signal Processing (CISP '09): 1-5.
Sisalem D, Kuthan J and Ehlert S (2006). Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms. IEEE Network, 20(5): 26-31.
Sonkar SK, Singh R, Chauhan R and Singh AP (2012). A Review Paper: Security on Voice over Internet Protocol from Spoofing attacks. International Journal of Advanced Research in Computer and Communication Engineering, 1(3): 153-160.

Tang J, Cheng Y and Hao Y (2012, March). Detection and prevention of SIP flooding attacks in voice over IP networks. The 2012 IEEE Proceedings In INFOCOM: 1161-1169. /INFCOM.2012.6195475

Topic P (2013). VoIP Statistics - Market Analysis (Q1 2013). Point Topic Ltd, London, UK.
Tritilanunt S, Sivakorn S, Juengjincharoen C and Siripornpisan A (2010). Entropy-based input-output traffic mode detection scheme for DOS/DDOS attacks. The 2010 IEEE International Symposium on Communications and Information Technologies (ISCIT): 804-809.
Wansink K (2016). BuddeComm Intelligence Report - VoIP and Mobile VoIP Statistics and Insights. Retrieved 29 April, 2016, Available online at:
Zhao H and Ansari N (2012). Detecting covert channels within VoIP. The 35th IEEE Sarnoff Symposium (SARNOFF): 1-6. 10.1109/SARNOF.2012.6222709