The following discussion sets forth the inventors' own knowledge of certain technologies and/or problems associated therewith. Accordingly, this discussion is not an admission of prior art, and it is not an admission of the knowledge available to a person of ordinary skill in the art.
With the transition from public switched telephone networks (PSTNs) to internet telephony, new challenges have arisen in protecting telephone networks. One consequence of transmitting telephone calls via the internet is that these calls are now subject to the vulnerabilities of the internet. One type of internet attack that is of particular concern to IP telephony systems is a denial of service attack. Due to the resource limits faced by IP telephony systems and the real-time requirements of IP telephony systems, denial of service attacks are particularly effective at disrupting the normal operations of an IP telephony system.
Denial of service attacks are used by malicious actors to effectively disable a network device. In a denial of service attack, an overwhelming number of messages are directed to a targeted networked device. The deluge of messages causes resource exhaustion on the targeted network device. Due to the resulting resource exhaustion, the targeted device is unable to process the incoming stream of messages and is thus unable to process legitimate messages in a timely manner.
Denial of service attacks can cause crippling problems in a network when directed at conventional targets, such as web servers and email servers. The problems caused by denial of service attacks are even more harmful in real-time systems such as IP telephony networks. In conventional denial of service attacks, web servers and email servers are prevented from providing timely responses to external requests. In some situations, a delayed response by the targeted server may still be acceptable. For example, a delay in email delivery by a targeted email server may not even be perceived by users. In another example, a web server targeted by a denial of service attack may still be able to provide degraded, but still acceptable, performance by delivering low-bandwidth web content. In a real-time system, however, denial of service attacks completely disable the system's ability to provide any acceptable response. Significant financial harm can result from such disruptions in an IP telephony system. The effects of a denial of service attack can go beyond financial harm when directed at telephone networks such as 911 systems.
In addition to denial of service attacks, similar effects can result from non-malicious or marginally-malicious actors. Automated dialing systems are used by entities such as telemarketers and survey solicitors to automatically initiate calls. Malfunctions in these automated dialing systems or aggressive use of these systems can result in excessive call volumes that can resemble a denial of service attack.
An IP telephony system must be able to operate in real-time. Due to the effects of a denial of service attack, an IP telephony system may be prevented from accepting any legitimate incoming calls. A denial of service attack may also result in unacceptably degraded quality of legitimate calls. Accordingly, there is a need for an IP telephony protection system that can prevent denial of service attacks from disrupting the operations of the IP telephony system. To address these, and other concerns, the inventors hereof have developed an IP telephony protection system, as described in detail below.