Abusing SIP authentication

The recent and massive deployment of Voice over IP infrastructures had raised the importance of the VoIP  security and more precisely of the underlying signalisation protocol SIP. In this paper, we will present a new attack against the authentication mechanism of SIP. This attack allows to perform t...

Full description

Saved in:
Bibliographic Details
Main Authors: Abdelnur, H., Avanesov, T., Rusinowitch, M., State, R.
Format: Conference Proceeding
Language:English
Subjects:
Authentication
AVISPA
Codecs
formal validation
Internet
Media
Multimedia communication
Protocols
Security
Security threat
SIP protocol
VoIP
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The recent and massive deployment of Voice over IP infrastructures had raised the importance of the VoIP  security and more precisely of the underlying signalisation protocol SIP. In this paper, we will present a new attack against the authentication mechanism of SIP. This attack allows to perform toll fraud and call hijacking. We will detail the formal specification method that allowed to detect this vulnerability, highlight a simple usage case and propose a mitigation technique.
DOI:10.1109/IAS.2008.29