Abstract : To mitigate identity theft in SIP networks, an inter-domain authentication mechanism based on certificates is proposed in RFC 4474 [10]. Unfortunately, the design of the certificate distribution in this mechanism yields some vulnerabilities. In this paper, we investigate an attack which exploits SIP infrastructures as reflectors to bring down a web server. Our experiments demonstrate that the attacks can be easily mounted. Finally, we discuss some potential methods to prevent this vulnerability.
https://hal.inria.fr/hal-01056382
Contributor : Hal Ifip
<>
Submitted on : Monday, August 18, 2014 - 6:05:23 PM
Last modification on : Friday, August 11, 2017 - 3:29:21 PM
Document(s) archivé(s) le : Thursday, November 27, 2014 - 5:33:15 AM
Ge Zhang, Jordi Jaen Pallares, Yacine Rebahi, Simone Fischer-Hübner. SIP Proxies: New Reflectors in the Internet. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. pp.142-153, ⟨10.1007/978-3-642-13241-4_14⟩. ⟨hal-01056382⟩
