Some communications service providers (“CSPs”) and enterprises have deployed real-time communications (“RTC”) applications based on the WebRTC protocol. WebRTC is an open Internet standard for embedding real-time multimedia communications capabilities (e.g., voice calling, video chat, peer to peer (“P2P”) file sharing, etc.) into a web browser. For any device with a supported web browser, WebRTC can use application programming interfaces (“APIs”) to equip the device with RTC capabilities without requiring users to download plug-ins. By using WebRTC, CSPs may create new web based communications services and extend existing services to web based clients.
A WebRTC application may reach a communications network through a gateway. Such gateway may need protection against security attacks aiming to bypass conventional security devices (e.g., firewalls) and/or disable network servers or services. Examples of these security attacks include sending invalid or poisonous data (e.g., garbage/fuzzing data or content that exploits weaknesses in the system) and denial-of-service (“DoS”) or distributed DoS (“DDoS”) attacks.