KiF: A stateful SIP Fuzzer

Abstract : With the recent evolution in the VoIP market, where more and more devices and services are being pushed on a very promising market, assuring their security becomes crucial. Among the most dangerous threats to VoIP, failures and bugs in the software implementation will still rank high on the list of vulnerabilities. In this paper we address the issue of detecting such vulnerabilities using a stateful fuzzer. We describe an automated attack approach capable to self-improve and to track the state context of a target device. We implemented our approach and were able to discover vulnerabilities in market leading and well known equipments and software.
Document type :
Conference papers
1st International Conference on Principles, Systems and Applications of IP Telecommunications (IPTComm), Jul 2007, New York, United States. ACM SIGCOMM


https://hal.inria.fr/inria-00166947
Contributor : Humberto Abdelnur <>
Submitted on : Tuesday, August 14, 2007 - 9:37:30 AM
Last modification on : Tuesday, August 14, 2007 - 11:39:39 AM

File

Kif_A_stateful_SIP_Fuzzer.pdf
fileSource_public_author

Identifiers

  • HAL Id : inria-00166947, version 1

Collections

Citation

Humberto Abdelnur, Olivier Festor, Radu State. KiF: A stateful SIP Fuzzer. 1st International Conference on Principles, Systems and Applications of IP Telecommunications (IPTComm), Jul 2007, New York, United States. ACM SIGCOMM. <inria-00166947>

Export

Share

Metrics

Consultation de
la notice

222

Téléchargement du document

247