Skip to main content
SpringerLink
Log in

Characteristics of Real Open SIP-Server Traffic

  • Conference paper
Book cover Passive and Active Measurement (PAM 2013)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 7799))

Included in the following conference series:

Abstract

Voice-over-IP (VoIP) is currently one of the most commonly used communication options and Session Initiation Protocol (SIP) is most often used for VoIP deployment. However, there is not a lot of general knowledge about typical SIP traffic and research in this area largely works with various assumptions. To address this deficiency, we present a thorough study of traffic of a real, free and publicly open SIP server. The findings reveal, among others, a surprisingly high overhead of SIP due to connection maintenance through Network Address Translation (NAT) nodes, differences from typical Web server Zipf’s-law patterns and various unexpected creative uses of SIP servers.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 72.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Handley et. al. Sip: Session initiation protocol (rfc 2543), http://www.ietf.org/rfc/rfc2543.txt

  2. Rosenberg et. al. Sip: Session initiation protocol (rfc 3261), http://www.ietf.org/rfc/rfc3261.txt

  3. Rosenberg, J., et al.: Session traversal utilities for nat (stun), http://tools.ietf.org/html/rfc5389

  4. Mahy, R., et al.: Traversal using relays around nat (turn): Relay extensions to session traversal utilities for nat (stun), http://tools.ietf.org/html/rfc5766

  5. Rosenberg, J.: Ice: A protocol for network address translator traversal for offer/answer protocols, http://tools.ietf.org/html/rfc5245

  6. Sparks, R.: Sip: Basics and beyond. Queue 5(2), 22–33 (2007)

    Article  Google Scholar 

  7. Prasad, J.K., Kumar, B.A.: Analysis of sip and realization of advanced ip-pbx features. In: ICECT 2011, vol. 6, pp. 218–222 (April 2011)

    Google Scholar 

  8. Yeryomin, Y., Evers, F., Seitz, J.: Solving the firewall and nat traversal issues for sip-based voip. In: ICT 2008, pp. 1–6 (June 2008)

    Google Scholar 

  9. Song, M., Chi, J., Pi, R., Song, J.: Implementing an express sip nat traversal server. In: ICPCA 2007, pp. 527–529 (July 2007)

    Google Scholar 

  10. Heo, J., Chen, E.Y., Kusumoto, T., Itoh, M.: Statistical sip traffic modeling and analysis system. In: ISCIT, pp. 1223 –1228 (2010)

    Google Scholar 

  11. Cortes, M., Ensor, J.R., Esteban, J.O.: On sip performance. Bell Labs Technical Journal 9(3), 155–172 (2004)

    Article  Google Scholar 

  12. Kang, H.J., Zhang, Z.-L., Ranjan, S., Nucci, A.: Sip-based voip traffic behavior profiling and its applications. In: MineNet 2007, pp. 39–44 (2007)

    Google Scholar 

  13. Ehlert, S., Wang, C., Magedanz, T., Sisalem, D.: Specification-based denial-of-service detection for sip voice-over-ip networks. In: Internet Monitoring and Protection, ICIMP 2008, June 29 -July 5, pp. 59–66 (2008)

    Google Scholar 

  14. Nassar, M., State, R., Festor, O.: Monitoring SIP Traffic Using Support Vector Machines. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 311–330. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  15. Hentehzadeh, N., et al.: Statistical analysis of self-similar session initiation protocol (sip) messages for anomaly detection. In: 2011 4th IFIP Conference on New Technologies, Mobility and Security (NTMS), pp. 1–5 (February 2011)

    Google Scholar 

  16. Ali Akbar, M., Farooq, M.: Application of evolutionary algorithms in detection of sip based flooding attacks. In: GECCO 2009 (2009)

    Google Scholar 

  17. Sisalem, D., Kuthan, J., Ehlert, S.: Denial of service attacks targeting a sip voip infrastructure: attack scenarios and prevention mechanisms. IEEE Network 20(5), 26–31 (2006)

    Article  Google Scholar 

  18. Andel, L., Kuthan, J., Sisalem, D.: Distributed media server architecture for sip using ip anycast. In: IPTComm 2009, pp. 5:1–5:11 (2009)

    Google Scholar 

  19. Community of developers. The sip router project (developed from openser), http://sip-router.org/

  20. Van Jacobson, Leres, C., McCanne, S., many later contributors: Tcpdump: Commandline packet analyzer, http://www.tcpdump.org/

  21. Combs, G., contributors: Wireshark - network protocol analyzer, http://www.wireshark.org

  22. WEBNet77. Ip to country multi-lookup tool, http://software77.net/geo-ip/multi-lookup/

  23. ACM SIGCOMM partners. The internet traffic archive, http://ita.ee.lbl.gov/html/traces.html

Download references

Author information

Authors and Affiliations

  1. Technicka 2, Czech Technical University in Prague, 166 27, Prague 6, Czech Republic

    Jan Stanek & Lukas Kencl

  2. Tekelec, Am Borsigturm 11, 13507, Berlin, Germany

    Jiri Kuthan

Authors
  1. Jan Stanek
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lukas Kencl
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jiri Kuthan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Mathematical Sciences, University of Adelaide, Innova21 Building, 5005, Adelaide, SA, Australia

    Matthew Roughan

  2. Department of Computing, The Hong Kong Polytechnic University, Hunghom, Kowloon, Hong Kong SAR, China

    Rocky Chang

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Stanek, J., Kencl, L., Kuthan, J. (2013). Characteristics of Real Open SIP-Server Traffic. In: Roughan, M., Chang, R. (eds) Passive and Active Measurement. PAM 2013. Lecture Notes in Computer Science, vol 7799. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36516-4_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-36516-4_19

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-36515-7

  • Online ISBN: 978-3-642-36516-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation