Abusing SIP Authentication

Humberto Abdelnur; Tigran Avanesov; Michaël Rusinowitch; Radu State

doi:10.1109/IAS.2008.29

Conference papers

Abusing SIP Authentication

Humberto Abdelnur ¹ Tigran Avanesov ² Michaël Rusinowitch ² Radu State ¹

1 MADYNES - Management of dynamic networks and services

INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications

2 CASSIS - Combination of approaches to the security of infinite states systems

FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods

Abstract : The recent and massive deployment of Voice over IP infrastructures had raised the importance of the VoIP security and more precisely of the underlying signalization protocol SIP. In this paper, we will present a new attack against the authentication mechanism of SIP. This attack allows to perform toll fraud and call hijacking. We will detail the formal specification method that allowed to detect this vulnerability, highlight a simple usage case and propose a mitigation technique.

Document type :

Conference papers

Domain :

Computer Science [cs] / Networking and Internet Architecture [cs.NI]

Complete list of metadata

Cited literature [11 references] Display Hide Download

https://hal.inria.fr/inria-00326077
Contributor : Humberto Abdelnur <>
Submitted on : Wednesday, October 1, 2008 - 3:21:51 PM
Last modification on : Friday, April 2, 2021 - 3:36:54 AM
Long-term archiving on: : Thursday, June 3, 2010 - 8:40:28 PM

Abusing SIP Authentication

File

Identifiers

Collections

Citation

Export

Metrics

346

1088

Contact Legal Notice Personal Data

Abusing SIP Authentication

File

Identifiers

Collections

Citation

Export

Share

Metrics

346

1088

Contact Legal Notice Personal Data