Designing attacks on SIP call set-up. (2nd July 2010)
- Record Type:
- Journal Article
- Title:
- Designing attacks on SIP call set-up. (2nd July 2010)
- Main Title:
- Designing attacks on SIP call set-up
- Authors:
- Hagalisletto, Anders Moen
Strand, Lars - Abstract:
- Many protocols running over the internet are neither formalised, nor formally analysed. The amount of documentation for telecommunication protocols used in real-life applications is huge, while the available analysis methods and tools require precise and clear-cut protocol clauses. A manual formalisation of the Session Initiation Protocol (SIP) used in Voice over IP (VoIP) applications is not feasible. Therefore, by combining the information retrieved from the specification documents published by the IETF and traces of real-world SIP traffic, we craft a formal specification of the protocol in addition to an implementation of the protocol. In the course of our work we detected several weaknesses, both of SIP call set-up and in the Asterisk implementation of the protocol. These weaknesses could be exploited and pose as a threat for authentication and non-repudiation of VoIP calls.
- Is Part Of:
- International journal of applied cryptography. Volume 2:Number 1(2010)
- Journal:
- International journal of applied cryptography
- Issue:
- Volume 2:Number 1(2010)
- Issue Display:
- Volume 2, Issue 1 (2010)
- Year:
- 2010
- Volume:
- 2
- Issue:
- 1
- Issue Sort Value:
- 2010-0002-0001-0000
- Page Start:
- 13
- Page End:
- 22
- Publication Date:
- 2010-07-02
- Subjects:
- formal specifications -- VoIP -- voice over IP -- SIP call set-up -- session initiation protocol -- authentication -- call hijack attacks -- PROSA -- Asterisk implementation -- call non-repudiation -- information security
Data encryption (Computer science) -- Periodicals
Cryptography -- Periodicals
Computer security -- Periodicals
652.8 - Journal URLs:
- http://inderscience.metapress.com/content/121008 ↗
http://www.inderscience.com/ ↗ - Languages:
- English
- ISSNs:
- 1753-0563
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 8112.xml