Abstract : To mitigate identity theft in SIP networks, an inter-domain authentication mechanism based on certificates is proposed in RFC 4474 [10]. Unfortunately, the design of the certificate distribution in this mechanism yields some vulnerabilities. In this paper, we investigate an attack which exploits SIP infrastructures as reflectors to bring down a web server. Our experiments demonstrate that the attacks can be easily mounted. Finally, we discuss some potential methods to prevent this vulnerability.
https://hal.inria.fr/hal-01056382 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Monday, August 18, 2014 - 6:05:23 PM Last modification on : Wednesday, November 10, 2021 - 9:02:03 AM Long-term archiving on: : Thursday, November 27, 2014 - 5:33:15 AM
Ge Zhang, Jordi Jaen Pallares, yacine Rebahi, Simone Fischer-Hübner. SIP Proxies: New Reflectors in the Internet. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. pp.142-153, ⟨10.1007/978-3-642-13241-4_14⟩. ⟨hal-01056382⟩