Information Security and Digital Forensics. First International Conference, ISDF 2009, London, United Kingdom, September 7-9, 2009, Revised Selected Papers

Research Article

Overview of SIP Attacks and Countermeasures

Download
628 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-11530-1_10,
        author={Fadi El-moussa and Parmindher Mudhar and Andy Jones},
        title={Overview of SIP Attacks and Countermeasures},
        proceedings={Information Security and Digital Forensics. First International Conference, ISDF 2009, London, United Kingdom, September 7-9, 2009, Revised Selected Papers},
        proceedings_a={ISDF},
        year={2012},
        month={5},
        keywords={SIP Denial of Service Authentication Buffer overflow SIP Injection SPIT Internet Telephony},
        doi={10.1007/978-3-642-11530-1_10}
    }
    
  • Fadi El-moussa
    Parmindher Mudhar
    Andy Jones
    Year: 2012
    Overview of SIP Attacks and Countermeasures
    ISDF
    Springer
    DOI: 10.1007/978-3-642-11530-1_10
Fadi El-moussa1,*, Parmindher Mudhar2,*, Andy Jones,*
  • 1: Centre for Information & Security Research
  • 2: Security Design and Operate
*Contact email: Fadiali.el-moussa@bt.com, parminder.mudhar@bt.com, Andrew.28.jones@bt.com

Abstract

The Security threats to current circuit switched networks dedicated to a single voice application such as the Public Switched Telephone NetworkPSTN are considered minimal. However, in open environments such as the Internet, conducting an attack on voice applications such as Voice over IP (VoIP) is much simpler. This is because VoIP services such as Session Initiation Protocol (SIP) are using servers that are reachable through the Internet. The aim of SIP is to provide the same functionality as traditional PSTN over the Internet. SIP service is implemented in either software or hardware and can suffer similar security threats as HTTP or any publicly available service on the Internet such as buffer overflow, injection attack, hijacking, etc. These attacks are simple to mount, with minimal charges or no cost to the attacker. This paper describes various possible security threats that a VoIP provider could encounter and the impact of these threats on the VoIP infrastructure. In addition, this paper investigates current solutions and mitigation techniques for VoIP attacks in order to provide more reliable VoIP services. The SIP taxonomy presented in the paper can be used as a baseline model to evaluate a SIP product against current and future vulnerabilities and gives a number of possible countermeasures that can be used to mitigate the threats.