On the feasibility of launching the man-in-the-middle attacks on VoIP from remote attackers

Proceedings of the 4th International Symposium on ACM Symposium on Information, Computer and Communications Security, ASIACCS'09

Volumn , Issue , 2009, Pages 61-69

  Zhang, Ruishan ^a   Wang, Xinyuan ^a   Farley, Ryan ^a   Yang, Xiaohui ^a   Jiang, Xuxian ^b  

^a George Mason University   (United States)

^b North Carolina State University   (United States)

Author keywords

DNS spoofing; MITM attacks; SIP; VoIP security

Indexed keywords

DNS SPOOFING; IP ADDRESSS; MAN IN THE MIDDLE ATTACKS; MEDIA TRAFFIC; PHONE NUMBER; SPECIFIC PROTOCOL; VOIP SECURITY; VOIP SERVICE;

INTERNET PROTOCOLS; INTERNET TELEPHONY; LAUNCHING; NETWORK SECURITY; SIGNALING; TELEPHONE SETS; TELEPHONE SYSTEMS;

VOICE/DATA COMMUNICATION SYSTEMS;

EID: 77952347156     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1533057.1533069     Document Type: Conference Paper

References (26)

1. Black Hat USA 2007 Briefings. URL. http://www.blackhat.com/html/bh-usa- 07/bh-usa-07-speakers.html
2. First Report and Order and Notice of Proposed RuleMaking. URL. http://www.fcc.gov/cgb/voip911orderpdf.
3. DNSSEC. URL. http://www.dnssec.net/.
4. IDC Anticipates 34 Million More Residential VoIP Subscribers in 2010. URL. http://www.idc.com/getdoc.jsp?-containerId =prUS20211306.
5. OpenSSL DTLS Implementation Remote Heap Overflow Vulnerability. URL. http://secwatch.org/advisories/1019254
6. PROTOS SIP Fuzzer. URL. http://www.ee.oulu.fi/research/ouspg/protos/ testing/c07/sip
7. SANS Institute. DNS Spoofing by The Man In The Middle. http://www.sans.org/reading room/whitepapers/dns/1567php
8. Snort. URL. http://www.snort.org
9. US VoIP market shares. URL. http://blogs.zdnet.com/ITFacts/?p=11425.
10. Vonage. URL. http://www.vonage.com/.
11. Wireshark. URL. http://www.wireshark.org
12. J. Arkko, V. Torvinen, G. Camarillo, A. Niemi and T. Haukka. Security Mechanism Agreement for the Session Initiation Protocol (SIP). RFC 3329, IETF, January 2003.
13. M. Baugher, D. McGrew, M. Naslund, E. Carrara and K. Norrman. The Secure Real-time Transport Protocol (SRTP). RFC 3711, IETF, March 2004.
14. S. Bellovin, M. Blaze, E. Brickell, C. Brooks, V. Cerf, W. Diffie, S. Landau, J. Peterson and J. Treichler. Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP. http://www.cs.columbia.edu/smb/papers/CALEAVOIPreportpdf
15. F. Cao and S. Malik. Vulnerability analysis and best practices for adopting IP telephony in critical infrastructure sectors. Communications Magazine, 44 (4), Pages 138-145, April 2006.
16. R. Dantu and P. Kolan. Detecting spam in VoIP networks. In Proceedings of the Steps to Reducing Unwanted Traffic on the Internet Workshop (SRUTI 2005), Cambridge, MA, July 2005.
17. S. McGann and D. C. Sicker. An analysis of Security Threats and Tools in SIP-Based VoIP Systems. Second VoIP Security Workshop, 2005.
18. P. Mockapetris. Domain names - implementation and specification. RFC 1035, IETF, November 1987.
19. B. Reynolds and D. Ghosal. Secure IP Telephony Using Multi-layered Protection In Proceedgins of the 2003 Network and Distributed System Security Symposium (NDSS 2003), Feburary 2003.
20. J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M Handley and E. Schooler. SIP: Session Initiation Protocol. RFC 3261, IETF, June 2002.
21. S. Salsano, L. Veltri, D. Papalilo. SIP Security Issues: the SIP Authentication Procedure and Its Processing Load. IEEE Network, 16 (6), Pages 38-44, 2002.
22. H. Schulzrinne, S. Casner, R. Frederick and V. Jacobson. RTP: A Transport Protocol for Real-Time Applications. RFC 1889, IETF, January 1996.
23. H. Sengar, D. Wijesekera, H. Wang, and S. Jajodia. VoIP Intrusion Detection Through Interacting Protocol State Machines. In Proceedgins of the 2006 International Conference on Dependable Systems and Networks (DSN 2006), June 2006.
24. X. Wang, R. Zhang, X. Yang, X. Jiang, D. Wijesekera: Voice Pharming Attack and the Trust of VoIP. In Proceedings of 4th International Conference on Security and Privacy in Communication Networks (SecureComm 2008), September 2008.
25. Y. Wu, S. Bagchi, S. Garg, N. Singh. SCIDIVE: A Stateful and Cross Protocol Intrusion Detection Architecture for Voice-over-IP Environments In Proceedgins of the 2004 International Conference on Dependable Systems and Networks (DSN 2004), Pages 433-442, July 2004.
26. R. Zhang, X. Wang, X. Yang, X. Jiang. Billing Attacks on SIP-Based VoIP Systems. In Proceedings of the First USENIX Workshop on Offensive Technologies (WOOT 2007), August 2007.