Article (Scientific journals)
Abusing SIP authentication
Abdelnur, Humberto J.; Avanesov, Tigran; Rusinowitch, Michael et al.
2009In Journal of Information Assurance and Security, 4, p. 311–318
Peer Reviewed verified by ORBi
 

Files


Full Text
jias-SIP.pdf
Publisher postprint (482.37 kB)
Request a copy

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Security threat; VoIP; SIP protocol; authentication; formal validation; AVISPA
Abstract :
[en] The recent and massive deployment of Voice over IP infrastructures had raised the importance of the VoIP security and more precisely of the underlying signalisation protocol SIP. In this paper, we will present a new attack against the authentication mechanism of SIP. This attack allows to perform toll fraud and call hijacking. We will detail the formal specification method that allowed to detect this vulnerability, highlight a simple usage case and propose a mitigation technique.
Disciplines :
Computer science
Identifiers :
UNILU:UL-ARTICLE-2010-101
Author, co-author :
Abdelnur, Humberto J.;  INRIA > Lorraine, Loria
Avanesov, Tigran ;  INRIA > Lorraine, Loria
Rusinowitch, Michael;  INRIA > Lorraine, Loria
State, Radu  ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC)
Language :
English
Title :
Abusing SIP authentication
Publication date :
2009
Journal title :
Journal of Information Assurance and Security
ISSN :
1554-1029
Publisher :
Dynamic, Atlanta, United States - Georgia
Volume :
4
Pages :
311–318
Peer reviewed :
Peer Reviewed verified by ORBi
Available on ORBilu :
since 12 July 2013

Statistics


Number of views
117 (2 by Unilu)
Number of downloads
1 (1 by Unilu)

Bibliography


Similar publications



Contact ORBilu