A Cross Layer Spoofing Detection Mechanism for Multimedia Communication Services

International Journal of Information Technologies and Systems Approach

Volumn 4, Issue 2, 2011, Pages 32-47

  Vrakas, Nikos ^a   Lambrinoudakis, Costas ^a  

^a UNIVERSITY OF PIRAEUS   (Greece)

Author keywords

Cross Layer; IMS; IP Multimedia Subsystem; Security Mechanism; SIP; Spoofing; VoIP

Indexed keywords

EID: 85001721086     PISSN: 1935570X     EISSN: 19355718     Source Type: Journal    
DOI: 10.4018/jitsa.2011070103     Document Type: Article

References (34)

1. Abdelnur H., Avanesov T., Rusinowitch M. (2009). Abusing SIP authentication. Journal of Information Assurance and Security, 4(4).
2. Callegari, C., Garroppo, R. G., Giordano, S., Pagano, M., & Russo, F. (2009). A novel method for detecting attacks towards the SIP protocol. In Proceedings of the 12th International Symposium on Performance Evaluation of Computer & Telecommunication Systems (pp. 268–273).
3. Chen C.-Y., Wu T.-Y., Huang Y.-M., Chao H.-C. (2008). An efficient end-to-end security mechanism for IP multimedia subsystem. Computer Communications, 31(18), 4259–4268. 10.1016/j.comcom.2008.05.025
4. Dierks, T., & Allen, C. (1999). RFC 2246: The TLS protocol version 1.0. Retrieved from http:// www.ietf.org/rfc/rfc2246.txt
5. Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., et al. (1999). RFC 2617: HTTP authentication: basic and digest access authentication. Retrieved from http://rfc.askapache.com/rfc2617/
6. Gayraud, R., & Jaques, O. (2010). SIPp-SIP load generator. Retrieved from http://sipp.sourceforge.net/
7. Geneiatakis D., Dagiouklas A., Kambourakis G., Lambrinoudakis C., Gritzalis S., Ehlert S., et al(2006). Survey of security vulnerabilities in session initiation protocol. IEEE Communications Surveys and Tutorials, 8, 68–81. 10.1109/COMST.2006.253270
8. Geneiatakis D., Lambrinoudakis C. (2007). A lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment. Telecommunication Systems, 36(4), 153–159. 10.1007/s11235–008–9065–5
9. Guaci, S. (n. d.). SIPVicious. Retrieved from http://code.google.com/p/sipvicious/
10. Hunter, M. T., Clark, R. J., & Park, F. S. (2007). Security issues with the IP multimedia subsystem (IMS). In Proceedings of the Workshop on Middleware for Next-Generation Converged Networks and Applications (p. 9).
11. Kent, S., & Atkinson, R. (1997). RFC 2406: IP encapsulating security payload (ESP). Retrieved from http://www.ietf.org/rfc/rfc2406.txt
12. Kent, S., & Atkinson, R. (1998). RFC 2401: Security architecture for the internet protocol. Retrieved from http://www.ietf.org/rfc/rfc2401.txt
13. Klein, A. (2007). BIND 9 DNS cache poisoning. Retrieved from http://www.trusteer.com/docs/bind9dns.html
14. Nassar, M., & Niccolini, S. (2007). Holistic VoIP intrusion detection and prevention system. In Proceedings of the 1st International Conference on Principles, Systems and Applications of IP Telecommunications (pp. 1–9).
15. Ohlmeier, N. (2010). SIP Swiss army knife. Retrieved from http://sipsak.org/
16. Park, F. S., Patnaik, D., Amrutkar, C., & Hunter, M. T. (2008). A security evaluation of IMS deployments. In Proceedings of the 2nd International Conference on Internet Multimedia Services Architecture and Applications (pp. 1–6).
17. Plummer, D. (1982). RFC 826: An ethernet address resolution protocol. Retrieved from http://tools.ietf.org/html/rfc826
18. Postel, J. (1981). RFC 791: IP: Internet protocol. Retrieved from http://faculty.ksu.edu.sa/fantookh/RFC/rfc791.txt.pdf
19. Ramsdell, B. (1999). RFC 2633: S/MIME version 3 message specification. Retrieved from http://tools.ietf.org/html/rfc2633
20. 3rd Generation Partnership Project. (2008). 3GPP TS 23.228: IP multimedia subsystems (IMS): Third generation partnership project, technical specification group services and system aspects. Retrieved from http://www.quintillion.co.jp/3GPP/Specs/23228–870.pdf
21. 3rd Generation Partnership Project. (2009). 3GPP TS 24.147: Conferencing using the IP multimedia (IM) core network (CN) subsystem: Technical specification group core network and terminals. Retrieved from http://ftp.3gpp.org/specs/html-info/24147.htm
22. 3rd Generation Partnership Project. (2010). 3GPP TS 33.203: 3G security: Access security for IP-based services (Release 10): Third generation partnership project, technical specification group services and system aspects. Retrieved from http://www.3gpp.org/ftp/specs/html-info/33203.htm
23. Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., et al. (2002). RFC 3261: SIP: Session initiation protocol. Retrieved from http://www.ietf.org/rfc/rfc3261.txt
24. Schulzrinne, H., Casner, S., Frederick, R., & Jacobson, V. (1996). RFC 1889: RTP: A transport protocol for real-time applications. Retrieved from http://www.ietf.org/rfc/rfc1889.txt
25. Sher, M., & Magedanz, T. (2007). Protecting IP multimedia subsystem (IMS) service delivery platform from time independent attacks. In Proceedings of the Third International Symposium on Information Assurance and Security (pp. 171–176).
26. Sher, M., Wu, S., & Magedanz, T. (2006). Security threats and solutions for application server of IP multimedia subsystem (IMS-AS). Retrieved from http://www.diadem-firewall.org/workshop06/papers/monam06-paper-28.pdf
27. Sisalem D., Kuthan J., Abend U., Floroiu J., Schulzrinne H. (2009). SIP Security. New York, NY: John Wiley & Sons. 10.1002/9780470516997
28. Tanase, M. (2003). IP spoofing: An introduction. Security Focus, 11.
29. Vrakas, N., Geneiatakis, D., & Lambrinoudakis, C. (2010). A call conference room interception attack and its detection. In Proceedings of the 7th International Conference on Trust, Privacy & Security in Digital Business (pp. 38–44).
30. Wagner R. (2001). Address resolution protocol spoofing and man-in-the-middle attacks. Reston, VA: The SANS Institute.
31. Walsh T. J., Kuhn D. R. (2005). Challenges in securing voice over iP. IEEE Security and Privacy, 3(3), 44–49. 10.1109/MSP.2005.62
32. Wu Y., Apte V., Bagchi S., Garg S., Singh N. (2009). Intrusion detection in voice over IP environments. International Journal of Information Security, 8(3), 153–172. 10.1007/s10207–008–0071–0
33. Wu, Y., Bagchi, S., Garg, S., Singh, N., & Tsai, T. (2004). Scidive: A stateful and cross protocol intrusion detection architecture for voice-over-IP environments. In Proceedings of the International Conference on Dependable Systems and Networks, Firenze, Italy (p. 433).
34. Zhang, R., Wang, X., Farley, R., Yang, X., & Jiang, X. (2009, March). On the feasibility of launching the man-in-the-middle attacks on VoIP from remote attackers. In Proceedings of the 4th ACM Symposium on Information, Computer and Communications Security (pp. 61–69).