Abstract
To mitigate identity theft in SIP networks, an inter-domain authentication mechanism based on certificates is proposed in RFC 4474 [10]. Unfortunately, the design of the certificate distribution in this mechanism yields some vulnerabilities. In this paper, we investigate an attack which exploits SIP infrastructures as reflectors to bring down a web server. Our experiments demonstrate that the attacks can be easily mounted. Finally, we discuss some potential methods to prevent this vulnerability.
Keywords
- Session Initiation Protocol
- User Agent
- Legitimate User
- Elliptic Curve Cryptography
- Uniform Resource Locator
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
1. Apache, HTTPd server, http://httpd.apache.org/ (visited August 16, 2009)
2. Berners-Lee, T., Fielding, R., Masinter, L.: Uniform Resource Identifier (URI): Generic syntax, RFC 3986 (2005)
3. Berners-Lee, T., Masinter, L., McCahill, M.: Uniform Resource Locators (URL), RFC 1738 (1994)
4. Blake-Wilson, S., Brown, D., Lambert, P.: Use of Elliptic Curve Cryptography (ECC) algorithms, RFC 3278 (2002)
5. Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2, RFC 5246 (2008)
6. Httperf, http://www.hpl.hp.com/research/linux/httperf/ (visited August 16, 2009)
7. Jennings, C., Peterson, J., Watson, M.: Private Extensions to the Session Initiation Protocol (SIP) for Asserted Identity within Trusted Networks, RFC 3325 (2002)
8. Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol, RFC 2401 (1998)
9. Paxson, V.: An analysis of using reflectors for distributed denial-of-service attacks. SIGCOMM Comput. Commun. Rev. 31(3), 38–47 (2001)
10. Peterson, J., Jennings, C.: Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP), RFC 4474 (2006)
11. Rebahi, Y., Pallares, J.J., Nguyen, T.M., Ehlert, S., Kovacs, G., Sisalem, D.: Performance analysis of identity management in the Session Initiation Protocol (SIP). In: Proceedings of the 2008 IEEE/ACS International Conference on Computer Systems and Applications, pp. 711–717. IEEE, Los Alamitos (2008)
12. Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: SIP: Session Initiation Protocol, RFC 3261 (2002)
13. SIP Express Router 2.0, http://www.iptel.org (visited September 16, 2008)
14. SIPp, http://sipp.sourceforge.net/ (visited September 16, 2008)
15. Zhang, G., Fischer-Hübner, S., Ehlert, S.: Blocking attacks on SIP VoIP proxies caused by external processing. Springer Telecommunication Systems (2009)
16. Zhang, G., Fischer-Hübner, S., Martucci, L.A., Ehlert, S.: Revealing the calling history of SIP VoIP systems by timing attacks. In: Proceedings of the 4th International Conference on Availability, Reliability and Security (ARES ’09), Fukuoka, Japan, pp. 135–142. IEEE Computer Society, Los Alamitos (2009)
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, G., Pallares, J.J., Rebahi, Y., Fischer-Hübner, S. (2010). SIP Proxies: New Reflectors in the Internet. In: De Decker, B., Schaumüller-Bichl, I. (eds) Communications and Multimedia Security. CMS 2010. Lecture Notes in Computer Science, vol 6109. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13241-4_14
DOI: https://doi.org/10.1007/978-3-642-13241-4_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13240-7
Online ISBN: 978-3-642-13241-4
eBook Packages: Computer Science, Computer Science (R0)