Scheduled System Maintenance:
On May 6th, single article purchases and IEEE account management will be unavailable from 8:00 AM - 12:00 PM ET (12:00 - 16:00 UTC). We apologize for the inconvenience.
By Topic

Information leak vulnerabilities in SIP implementations

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Hong Yan ; Carnegie Mellon Univ., Pittsburgh, PA ; Hui Zhang ; Sripanidkulchai, K. ; Zon-Yin Shae
more authors

The use of VoIP as a cheaper communications alternative is growing at an astronomical rate. However, potential abuse of the technology may hinder its deployment. One key security concern is the exploitation of implementation vulnerabilities in the form of unauthorized access, worms, viruses, and denial of service attacks, particularly when combined with explicit targeting of implementations that are known to be vulnerable. One way to protect from exploitations of implementation-specific vulnerabilities is "security-by-obscurity" where a SIP device does not reveal its specific software version. For the same reason, the SIP standard does not encourage announcing the software version in SIP messages. In this article we show that even when SIP messages do not explicitly contain software version information, there is sufficient information leak to determine it. To demonstrate this, we introduce techniques to fingerprint SIP devices and develop a fingerprinting tool called SIPProbe that collects fingerprints and identifies SIP implementations. This type of information leak presents a new security concern as it can be used by malicious users as a building block to scan SIP devices and launch attacks

Published in:

Network, IEEE  (Volume:20 ,  Issue: 5 )