Referenced Items are not available for this document.
A key component of VoIP networks is the SIP signaling infrastructure. The reliance of public SIP servers on the Internet has opened up this critical infrastructure to a range of attacks. In particular, Denial of Service (DoS) attacks pose a serious security threat to the quality, reliability and availability of VoIP operations. In this paper, we investigate the impact of DoS attacks on SIP infrastructure, using a popular open source SIP server as a test bed. We have identified four attack scenarios that can exploit vulnerabilities in existing SIP authentication protocols, and we demonstrate the practical impact of these attacks on the target server. In response to these vulnerabilities, we have proposed several countermeasures to defend against each attack scenario. Our experimental results show that the current SIP implementation is highly vulnerable to DoS attacks and countermeasures are needed to make these servers more resilient. More importantly, we prove that authentication alone is no defence against DoS attacks in this context, and can actually increase the vulnerability of target servers instead of solving the problem of DoS attacks.
Published in:
Network Operations and Management Symposium, 2008. NOMS 2008. IEEE
Date of Conference: 7-11 April 2008
- Page(s):
- 41 - 48
- ISSN :
- 1542-1201
- E-ISBN :
- 978-1-4244-2066-7
- Print ISBN:
- 978-1-4244-2065-0
- INSPEC Accession Number:
- 10178505
- Conference Location :
- Salvador, Bahia
- Digital Object Identifier :
- 10.1109/NOMS.2008.4575115
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
