Research Article
Overview of SIP Attacks and Countermeasures
@INPROCEEDINGS{10.1007/978-3-642-11530-1_10,
  author={Fadi El-moussa and Parmindher Mudhar and Andy Jones},
  title={Overview of SIP Attacks and Countermeasures},
  proceedings={Information Security and Digital Forensics. First International Conference, ISDF 2009, London, United Kingdom, September 7-9, 2009, Revised Selected Papers},
  proceedings_a={ISDF},
  year={2012},
  month={5},
  keywords={SIP Denial of Service Authentication Buffer overflow SIP Injection SPIT Internet Telephony},
  doi={10.1007/978-3-642-11530-1_10}
}
- Fadi El-moussa
- Parmindher Mudhar
- Andy Jones
Year: 2012
ISDF
Springer
DOI: 10.1007/978-3-642-11530-1_10
Abstract
The security threats to current circuit-switched networks dedicated to a single voice application, such as the Public Switched Telephone Network (PSTN), are considered minimal. However, in open environments such as the Internet, conducting an attack on voice applications such as Voice over IP (VoIP) is much simpler. This is because VoIP services such as the Session Initiation Protocol (SIP) use servers that are reachable through the Internet. The aim of SIP is to provide the same functionality as the traditional PSTN over the Internet. A SIP service is implemented in either software or hardware and can suffer security threats similar to those facing HTTP or any publicly available service on the Internet, such as buffer overflow, injection attacks, hijacking, etc. These attacks are simple to mount, with minimal charges or no cost to the attacker. This paper describes various possible security threats that a VoIP provider could encounter and the impact of these threats on the VoIP infrastructure. In addition, this paper investigates current solutions and mitigation techniques for VoIP attacks in order to provide more reliable VoIP services. The SIP taxonomy presented in the paper can be used as a baseline model to evaluate a SIP product against current and future vulnerabilities, and it gives a number of possible countermeasures that can be used to mitigate the threats.