Abusing SIP authentication

Proceedings - The 4th International Symposium on Information Assurance and Security, IAS 2008

Volumn , Issue , 2008, Pages 237-242

  Abdelnur, Humberto ^a   Avanesov, Tigran ^a   Rusinowitch, Michael ^a   State, Radu ^a  

^a INRIA   (France)

Author keywords

Authentication; AVISPA; Formal validation; Security threat; SIP protocol; VoIP

Indexed keywords

ACCESS CONTROL; AUTHENTICATION; INTERNET TELEPHONY; TELEPHONE SYSTEMS; VOICE/DATA COMMUNICATION SYSTEMS;

AVISPA; FORMAL VALIDATION; SECURITY THREAT; SIP PROTOCOL; VOIP;

INTERNET PROTOCOLS;

EID: 55349096825     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IAS.2008.29     Document Type: Conference Paper

References (12)

1. Avispa project, http://www.avispa-project.org.
2. H. Abdelnur, R. State, and O. Festor. "KiF: A state-ful SIP Fuzzer". In Proceedings of Principles, Systems and Applications of IP Telecommunications, IPTComm, pages 47-56, New-York, NY, USA, JUL 2007. ACM Press.
3. D. Geneiatakis, T. Dagiuklas, G. Kambourakis, C. Lam-brinoudakis, S. Gritzalis, K. Ehlert, and D. Sisalem. Survey of security vulnerabilities in session initiation protocol. Communications Surveys & Tutorials, IEEE, 8 (3): 68-81, 3rd. Qtr. 2006.
4. D. Geneiatakis and C. Lambrinoudakis. An ontology description for sip security flaws. Comput. Commun., 30 (6): 1367-1374, 2007.
5. P. Gupta and V. Shmatikov. "Security Analysis of Voice-over-IP Protocols". In 20th IEEE Computer Security Foundations Symposium (CSF), pages 49-63, Venice, Italy, JUL 2007. IEEE Computer Society, 2007.
6. A. B. Johnston and D. M. Piscitello. Understanding Voice over Ip Security (Artech House Telecommunications Library). Artech House, Inc., Norwood, MA, USA, 2006.
7. H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, and E. Schooler. "SIP: Session Initiation Protocol", http://www.ietf.org/rfc/rfc3261.txt, June 2002.
8. H. Sengar, R. Dantu, and D. Wijesekera. Securing voip and pstn from integrated signaling network vulnerabilities. VoIP Management and Security, 2006. 1st IEEE Workshop on, pages 1-7, 3 April 2006.
9. H. Sengar, R. Dantu, D. Wijesekera, and S. Jajodia. "SS7 over IP: Signaling internetworking vulnerabilities". In IEEE Network, Vol. 20, No. 6, pages 32-41, November 2006.
10. D. Sisalem, J. Kuthan, and S. Ehlert. Denial of service attacks targeting a sip voip infrastructure: attack scenarios and prevention mechanisms. Network, IEEE, 20(5):26-31, Sept.-Oct. 2006.
11. P. Thermos and A. Takanen. Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures. Addison-Wesley Professional, 2007.
12. H. Wan, G. Su, and H. Ma. "SIP for Mobile Networks and Security Model". In International Conference on Wireless Communications, Networking and Mobile Computing, pages 1809-1812, Shanghai, China, September 2007. IEEE Computer Society, 2007.