Side effects of identity management in SIP VoIP environment
نویسندگان
چکیده
In this article, we summarize the security threats targeting SIP proxy servers or other infrastructures in NGN by misusing a specific signaling authentication mechanism, which has been proposed in RFC 4474 (Peterson and Jennings, 2006). This mechanism is designed to authenticate inter-domain SIP requests based on domain certificates to prevent identity theft. Nevertheless, despite its contribution, this protection raises some “side effects”, that actually lead to new vulnerabilities in both the availability and confidentiality of SIP services. We provide an overview of different attack possibilities and explain them in more detail, including attacks utilizing algorithm complexity, certificates storage, and certificates distribution. We also suggest some alternative design to prevent or reduce the attacks. SIP, VoIP, NGN, Authentication, Denial of Service, Timing attack. a 2011 Elsevier Ltd. All rights reserved.
منابع مشابه
Security testing of session initiation protocol implementations
The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Ini...
متن کاملAnalysis and Modeling of VoIP Servers: A Linear Programming Approach
The SIP protocol was standardized by the IETF at the application layer for initiating, managing, and terminating multimedia sessions and has been widely used as the main signaling protocol on both the Internet and VoIP networks. Most challenges in this protocol are overload and lack of proper state distribution. These challenges cause a wide range of next-generation network users to face a shar...
متن کاملمهندسی مجموعه ویژگی برای تشخیص حملات سیلآسا در VoIP مبتنی بر SIP
پروتکل SIP به عنوان پروتکل اصلی لایه کنترل در شبکههای نسل آینده و کاربردهای چند رسانهای نظیر ویدئو کنفرانس، تلویزیون و تلفن اینترنتی (VoIP) مطرح شده است. اصلیترین حملات موجود در VoIP با عنوان حملات سیلآسا شناخته میشوند که بیش از 98 درصد آنها به علت مشکلات پیادهسازی و پیکربندی و کمتر از دو درصد آسیبپذیریهای مربوطه به علت ضعف پروتکل به وقوع میپیوندند. در این مقاله یک مجموعه ویژگی برای ت...
متن کاملDetecting Denial of Service Message Flooding Attacks in SIP based Services
Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol (SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation deficiencies cause some security concerns in SIP based infra...
متن کاملSIP Automated Test Platform
IP networks have been becoming more popular communication infrastructures due to the lower operational costs in recent years. Mainly, usage of IP networks in voice services, which is denominated by VoIP (Voice over IP), has made difference in telephony networks not only the way of the people’s communications, but also telecommunication companies’ and operators’ solutions. In this scope, IMS (IP...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Inf. Sec. Techn. Report
دوره 16 شماره
صفحات -
تاریخ انتشار 2011