Scalable detection of SIP fuzzing attacks

Proceedings - 2nd Int. Conf. Emerging Security Inf., Systems and Technologies, SECURWARE 2008, Includes DEPEND 2008: 1st Int. Workshop on Dependability and Security in Complex and Critical Inf. Sys.

Volumn , Issue , 2008, Pages 114-119

  Chen, Eric Y ^a   Itoh, Mitsutaka ^a  

^a NTT CORPORATION   (Japan)

Author keywords

[No Author keywords available]

Indexed keywords

CORE PROCESSORS; DETECTION RULES; MALICIOUS ATTACKS; SCALE-UP; SIDE EFFECTS; SYSTEM ARCHITECTURES; VOIP TECHNOLOGIES;

COMPUTER ARCHITECTURE; INTERNET PROTOCOLS; INTERNET TELEPHONY; VOICE/DATA COMMUNICATION SYSTEMS;

TELEPHONE SYSTEMS;

EID: 55849109674     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECURWARE.2008.11     Document Type: Conference Paper

References (18)

1. VOIPSA, http://www.voipsa.org/
2. J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, E. Schooler. (2002). "SIP: Session Initiation Protocol", RFC3261.
3. M. Sutton, A. Greene, P. Amini, "Fuzzing, Brute Force Vulnerability Discovery," Addison Wesley, 2007, ISBN: 0-321-44611-9
4. US-CERT, "Multiple implementations of the Session Initiation Protocol (SIP) contain multiple types of vulnerabilities", Vulnerability Note VU#528719, 2003.
5. US-CERT, "Cisco Firewall Services Module vulnerable to DoS via inspection of malformed SIP messages", Vulnerability Note VU#430969, 2007.
6. US-CERT, "Apple Macintosh OS X VideoConference SIP heap buffer overflow", Vulnerability Note VU#969969, 2007.
7. US-CERT, "Linksys RT31P2 VoIP router denial of service vulnerabilities", Vulnerability Note VU#621566, 2006.
8. US-CERT, "Asterisk null pointer dereference remote pre-authentication DoS vulnerability", Vulnerability Note VU#228032, 2007.
9. "PROTOS - Security Testing of Protocol Implementations," University of Oulu. http://www.ee.oulu.fi/research/ouspg/protos.
10. "Asteroid - SIP Denial of Service Tool", http://www. infiltrated.net/asteroid/
11. Codenomicon, http://www.codenomicon.com/
12. D. Geneiatakis, G. Kambourakis, T. Dagiuklas, C. Lambrinoudakis, S. Gritzalis "A Framework for Detecting Malformed Messages in SIP Networks", 2005 IEEE Workshop on Local and Metropolitan Area Networks.
13. D. Geneiatakis, T. Dagiuklas, C. Lambrinoudakis, G. Kambourakis and S. Gritzalis, "Novel Protecting Mechanism for SIP-Based Infrastructure against Malformed Message Attacks: Performance Evaluation Study," CSNDSP 2006.
14. Snort, http://www.snort.org/
15. Libpcap, http://www.tcpdump.org/
16. Pcapy, http://oss.coresecurity.com/
17. Parallel Python, http://www.parallelpython.com/
18. M. Ozawa, E. Y. Chen, M. Itoh, M. Hatori, "Evaluation of a Detection System against Fuzzing Attacks on the SIP Protocol", ISEC, Technical Report of IEICE, 2007 (in Japanese)