To detect the SIP (session initiation protocol) flooding attack against the IP Multimedia Subsystem of 3G core network, this study proposes a double sampling and a variable sampling interval detection approach. Based on the Counting Bloom Filter for the statistical detection of characteristic information, this approach divides the detection space into five areas, namely, the normal range, interesting range, detection range, precise detection range, and attack range, and detects the statistic data falling in each of the different ranges. Simulation experimental results show that this approach has a good detection performance.