Consider the ability to use a computer to generate millions of calls into the VoIP
network, and one can see where this could be done quite easily with little to no sophistication.
Add the use of BOTs and a BOTNET and the threat becomes many more
times serious.
Security Procedures in the IMS 147
There are many ways that a DoS attack can be launched against a communications
network. Of course, simply generating millions of calls in a short time period will usually
do the trick and is not all that hard to accomplish (as we??™ve discussed).
With IP this may become a bit more difficult, depending on the architecture of the
network, simply because IP increases the bandwidth available (in most cases anyway),
but it remains a very high possibility. Call generation can be much easier in an IP environment,
and when mixed with other network transactions, easier still. There are other
ways to cause a DoS attack in an IP domain without generating calls.
For example, within the IMS domain, simply generating a large volume of registration
messages can create a DoS attack on the CSCF resources within a network. This
would render the affected portions of the network inaccessible for a given period of
time. Text messaging also presents a unique issue that should be taken into consideration.
Of course, the generation of text messages is very easy, and since SIP is the
carrier for these messages, it presents a unique challenge to the operator.
Pages:
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306