Abstract : To mitigate identity theft in SIP networks, an inter-domain authentication mechanism based on certificates is proposed in RFC 4474 [10]. Unfortunately, the design of the certificate distribution in this mechanism yields some vulnerabilities. In this paper, we investigate an attack which exploits SIP infrastructures as reflectors to bring down a web server. Our experiments demonstrate that the attacks can be easily mounted. Finally, we discuss some potential methods to prevent this vulnerability.
Type de document :
Communication dans un congrès
Bart Decker; Ingrid Schaumüller-Bichl. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. Springer, Lecture Notes in Computer Science, LNCS-6109, pp.142-153, 2010, Communications and Multimedia Security. 〈10.1007/978-3-642-13241-4_14〉
https://hal.inria.fr/hal-01056382
Contributeur : Hal Ifip
<>
Soumis le : lundi 18 août 2014 - 18:05:23
Dernière modification le : vendredi 11 août 2017 - 15:29:21
Document(s) archivé(s) le : jeudi 27 novembre 2014 - 05:33:15
Ge Zhang, Jordi Jaen Pallares, Yacine Rebahi, Simone Fischer-Hübner. SIP Proxies: New Reflectors in the Internet. Bart Decker; Ingrid Schaumüller-Bichl. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. Springer, Lecture Notes in Computer Science, LNCS-6109, pp.142-153, 2010, Communications and Multimedia Security. 〈10.1007/978-3-642-13241-4_14〉. 〈hal-01056382〉
