Survey of security vulnerabilities in session initiation protocol

Geneiatakis, Dimitris; Dagiuklas, Tasos; Kambourakis, Georgios; Lambrinoudakis, Costas; Gritzalis, Stefanos; Ehlert, Karlovassi Sven; Sisalem, Dorgham

doi:10.1109/comst.2006.253270

Cited by 174 publications

(104 citation statements)

References 25 publications

Supporting

Mentioning

100

Contrasting

Unclassified

Order By: Relevance

“…These are alarming trends since such vulnerabilities can potentially give attackers the ability to listen-in on confidential voice communications or launch denial of service attacks as reported in previous studies [15,16].…”

Section: Prevalence Of Malicious Traffic In the Cellular Networkmentioning

confidence: 99%

Uncovering the footprints of malicious traffic in wireless/mobile networks

Raghuramu

Pathak

Zang

et al. 2016

Computer Communications

View full text Add to dashboard Cite

This paper presents a measurement study that analyzes large-scale traffic data gathered from two different wireless scenarios: cellular and WiFi networks.We first analyze packet traces and security event logs generated by over 2 million devices in a major US-based cellular network, and show that 0.17% of mobile devices are affected by security threats. We then analyze the aggregate network footprint of malicious and benign traffic in the cellular network, and demonstrate that statistical network features (e.g., uplink data transfer volume, IP entropy) can be effectively used to distinguish such malicious and benign traffic. We next investigate over 2.4 TB of WiFi traffic data, which are generated by 27 K distinct users, in a university campus network. Based on the lessons learned from a comprehensive exploration of a large feature space consisting of over 500 statistical attributes derived from network traffic to/from malicious and benign domains, we propose a novel, in-house traffic screening method, which has the capability of effectively identifying potential malicious domains. Our method achieves over 90% accuracy with only using a small set of simple statistical network features, without using any additional specialized datasets (e.g., geolocation database) or resource-intensive solutions (e.g., DPI boxes to collect HTTP traffic.).

show abstract

Section: Prevalence Of Malicious Traffic In the Cellular Networkmentioning

confidence: 99%

Uncovering the footprints of malicious traffic in wireless/mobile networks

Raghuramu

Pathak

Zang

et al. 2016

Computer Communications

View full text Add to dashboard Cite

show abstract

“…The selection of these symbols reflects the different parts of a SIP message that an attacker could craft in order to launch a resource consumption or other type of attack. In fact, this method of assault is well-documented and evaluated in various researches so far [7,8,9,31]. For instance, a malicious actor could fabricate different SIP messages by modifying some of their parts 135 such as <Via>, <From>, <To>, <Call-ID> headers or even the First Line (corresponding to symbols S2 -S5, and S1 in Figure 1) depending on the situation at hand.…”

Section: Symbol Definitionmentioning

confidence: 99%

“…Despite the advantages users enjoy due to SIP flexibility, various attacks have been 10 identified against SIP-based VoIP services [7,8,9]. To alleviate, if not eliminate, such security flaws a diversity of detection and prevention solutions have been proposed in the literature [10,11,12,13,14].…”

mentioning

confidence: 99%

An efficient and easily deployable method for dealing with DoS in SIP services

Tsiatsikas

Geneiatakis

Kambourakis

et al. 2015

Computer Communications

Self Cite

View full text Add to dashboard Cite

“…Fig. 2 shows a classification of attack mechanisms targeting the corresponding TCP/IP layers, and the resulting violations of the CIA security mechanism [4].…”

Section: Sip Threats Taxonomy and Attacksmentioning

confidence: 99%

“…Since VoIP uses the Internet Protocol (IP) to transfer voice data, so it inherits same threats, risks and vulnerabilities of the Internet, added to threats targeting the SIP signaling protocol [4]. SIP is a text based client-server protocol similar to the HTTP, and this text-based nature can cause weakness and arising vulnerabilities.…”

Section: Introductionmentioning

confidence: 99%

Multilayer Secured SIP Based VoIP Architecture

Basem¹,

Ghalwash²,

Sadek³

2015

IJCTE

View full text Add to dashboard Cite

Abstract-VoIP faces many emerging attacks and threats. securing SIP based VoIP is a major challenging task, hence confidentiality, integrity, availability, as well as authenticity must be provided. Focusing on three main critical attacks targeting SIP based VoIP infrastructure, which are Denial of service (DoS), man-in-the middle attack, and Authenticity based attacks. In this paper the main contribution is providing a secure efficient multilayer security architecture based on open source applications (snort, snortsam and iptables, as well as OPENVPN Tunnel), The architecture provides a secure reliable VoIP services for the enterprise network, that have been deployed based on asterisk PBX. The proposed security architecture aims to prevent the mentioned critical attacks, to provide CIAA security services, by proposing an adaptive rule based queuing polices. QoS is a major challenge, the paper also provides an enhancement for the proposed architecture to minimize the delay for more efficient secure communication, as well as preventing zero day attacks by exploiting method and updating Snort DB with attack signatures. QoS factors have been measured using OPNET simulators. The proposed architecture gives promising results when it comes to attacks prevention with 0.01% better performance results compared to previous work.

show abstract

Survey of security vulnerabilities in session initiation protocol

Cited by 174 publications

References 25 publications

Uncovering the footprints of malicious traffic in wireless/mobile networks

Uncovering the footprints of malicious traffic in wireless/mobile networks

An efficient and easily deployable method for dealing with DoS in SIP services

Multilayer Secured SIP Based VoIP Architecture

Contact Info

Product

Resources

About