Q

What's the difference between a SIP-flood attack and a TDoS attack?

While SIP-flood attacks and TDoS attacks have similar goals, their attack vectors are very different. Industry expert Michael Brandenburg explains.

What's the difference between a SIP-flood attack and a telephony denial of service (TDoS) attack? Are they the same thing?

Ask the expert

Do you have a vexing problem for Michael Brandenburg or any of our other experts? Ask your enterprise-specific questions today! (All questions are treated anonymously.)

While both types of attacks have a similar goal in disrupting unified communications (UC) platforms, the attack vector the two methods use is very different. In the case of a TDoS, the attack vector is the target's telephone numbers. By flooding a company's phone circuits with fraudulent inbound calls, a TDoS attack can ultimately prevent legitimate calls (and potential customers) from ever reaching the target business. Without some form of countermeasure, this type of attack can affect everything from the oldest of PBXs to the newest of cloud-based hosted UC platforms.

A SIP-based attack, on the other hand, is a decidedly network-driven attack, and is similar to the types of attacks inflicted upon Internet Web servers. In the case of a SIP-flood, seemingly valid SIP protocol requests attempt to either gain access as a remote endpoint or inundate the UC platform and its endpoints with so many requests that the systems or devices crash, which ultimately disrupts services or exposes vulnerabilities.

Because the two types of attacks target the system in different ways, each has its own way of mitigation. SIP-based attacks might be identified and thwarted by E-SBCs deployed at the network edge to provide flood detection as well as obfuscation of network resources. TDoS attempts, on the other hand, may require call blocking and other tools available from your carrier.

For more information:

This was first published in October 2013

Dig deeper on Unified Communications Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchMobileComputing

SearchNetworking

SearchTelecom

SearchITChannel

SearchEnterpriseWAN

SearchExchange

Close