A Cross Layer Spoofing Detection Mechanism for Multimedia Communication Services

The convergence of different network types under the same architecture offers the opportunity for low cost multimedia services. The main objective has been the high quality of the provided services. However, considering that older equipment with limited processing capabilities may be present in such environments, a tradeoff between security and service quality is inevitable. Specifically, low resource enabled devices cannot utilize state of the art security mechanisms, such as IPSec tunnels, integrity mechanisms, etc., and they simply employ HTTP Digest authentication. The lack of integrity mechanisms in particular raises many security concerns for the IMS infrastructures. Attacks such as Man in the Middle (MitM), spoofing, masquerading, and replay that can be launched in IMS environments, have been pinpointed in bibliography by various researchers. Moreover, an internal attacker may utilize his legitimate security tunnels in order to launch spoofing and identity theft attacks. This paper presents a cross-layer spoofing detection mechanism that protects SIP-based infrastructures from the majority of the aforementioned attacks without requiring an additional cryptographic scheme which would inevitably introduce considerable overheads.