金康双,王泽兵,冯雁,陈海燕

DOI: https://doi.org/10.3969/j.issn.1001-3695.2004.08.034

2004-01-01

Abstract:Session Initiation Protocol(SIP) is the Internet Engineering Task Force (IETF) standard for IP telephony,and it has a promising applied prospect.In this work,the security authentication mechanism used by SIP is described.Moreover an experimental performance analysis of the SIP security mechanisms is provided,which based on the open source Java implementation of a SIP proxy server.

葛颖彦,来学嘉

2009-01-01

Abstract:Session Initiation Protocol(SIP) is an application-layer control(signaling) protocol. Real-time transport protocol(RTP) provides end-to-end delivery services of real-time characteristics. This paper first describes the threats on RTP in SIP-based VoIP system. Then it analyzes the wiretap and RTP injection attack. Finally,some methods for defending these threats are given.

Zhang Zhaoxin,Fang Binxing,Hu Mingzeng,Zhang Hongli

DOI: https://doi.org/10.3772/j.issn.1002-0470.2008.03.003

2008-01-01

Abstract:In consideration of the security threats in session initiation protocol (SIP) based networks,this paper put forward the deterministic finite automation (DFA) model for SIP attack methods.The attack theories and methods of five attacks of registration hijacking,INVITE,re-INVITE,tearing down sessions,and DoS were deeply analys based on the model,and all the attacks were recurred in real circumstances.At the same time the method to forbid the third part registration or registration rank carving in dealing with registration hijacking attacks,and the improved HTTP digest authentication pro- tocol and the hop-by-hop encryption within proxy to deal with the attacks of INVITE,re-INVITE and BYE were put for- ward and implemented,which improved the security and usability of SIP networks.

Yuting Feng,Feng Xiong,Wenchao Huang,Yan Xiong

DOI: https://doi.org/10.1109/bigcom53800.2021.00005

2021-01-01

Abstract:The Internet Engineering Task Force (IETF) proposed the Session Initiation Protocol (SIP) as the IP-based telephony protocol. With the widespread application of the Voice over IP (VoIP) on Internet, Security problems of SIP have received a lot of attention of researchers and the authentication mechanism in SIP is becoming increasingly important. Many studies reveal that the initial version of SIP specification suffers malicious attacks. To improve the security of the authentication mechanism in SIP, amendments and supplements are expressed over years. Researches on the previous specification have been carried out and some attacks are found, such as replay attack, online dictionary attack, man in the middle attack, etc. However, there is currently a lack of security analysis to the fresh security mechanisms of SIP. In this paper, we accommodate such a requirement by analyzing the security properties of SIP Digest Access Authentication Scheme adopting a formal protocol analysis tool SPAN. The authentication scheme is modeled in the validator according to two practical scenarios. With the two back-ends of SPAN, the two models of authentication scheme are verified both as safe. This result confirms that the supplemented version of SIP authentication mechanism is more reliable.

张旭光,平玲娣,潘雪增

DOI: https://doi.org/10.3969/j.issn.1000-3428.2004.14.037

2004-01-01

Abstract:With the development of the Internet technologies and computer communication technologies, the traditionary circuit-switch based network must evolves to the new generation network which is based on the packet-switch technology. Facing the progress and status of the convergence of the three-networks, This document presents a distributed and SIP protocal based VoIP system prototype. Due to combinating of merits of SIP and IP, this model not only provides the interoperation with the existed network, but also provides an extendable plat for the NGN. This model uses private VoIP network to achieve the QoS.

XU Zhen-Duan,MA Jin,LU Song-nian

DOI: https://doi.org/10.3969/j.issn.1009-8054.2009.04.039

2009-01-01

Abstract:DoS/DDoS have become the biggest threat to the Internet,because the attacker could easily launch attack and hide themselves.With the fast development of the Internet,the core protocol of NGN-Session Initial Protocol(SIP)has become more and more popular,and security problem of SIP attracted more and more attention.This paper focuses on the research and analysis of DOS attack against SIP,and gives security solutions for mitigating the DOS attack.

Qing Lü

2007-01-01

Abstract:Session Initiation Protocol (SIP) is an important protocol adopted by the 3rd Generation Partnership Project (3GPP) for the IP Multimedia Subsystem (IMS). Facing the complex and open Internet environment, the security of SIP is poor. After the analysis of the security threats to SIP aiming at cleartext transmission of SIP message and lack of authentication methods, the scheme of data encryption and authentication are researched. And then, we discuss how using the existent techniques for improving the security of SIP and propose the ideas of the security solution to SIP.

Si Duanfeng,Long Qin,Han Xinhui,Zou Wei

DOI: https://doi.org/10.1109/ICCCAS.2004.1346199

2004-01-01

Abstract:We have proposed a generic SIP-based application topology model called secure multimedia communication infrastructure (SMCI) and constructed a real multimedia communication application based on it. We now emphasize the security issues in the SMCI and give the entire secure framework in detail. We also analyze the processing load of our security mechanism in order to explain the practicability of our secure framework. Hop by hop and end to end security are introduced to defend the attacks of registration hijacking, impersonating a server, tampering with message bodies, tearing down sessions, denial of service and amplification. We also considered the privacy problem that will be the most important consideration in the future. Finally, a security analysis is presented to demonstrate that the proposed security mechanisms are robust and efficient to secure the SMCI.

张兆心,张冰,方滨兴,胡萍,李斌

DOI: https://doi.org/10.3321/j.issn:1000-436x.2009.12.001

2009-01-01

Abstract:Through deeply analyzing on the principle,mode,character of DoS and the DoS attack faced by SIP network, combining with the state transferring of intrusion tolerance,the idea of Client Puzzle,the character of SIP session,SIP network and SIP proxy server,put forward the SIP intrusion tolerence mode based on state transferring,and designed the testbed to test the ability of resisting DoS attack.The experiment result prove that this model can effectively resist the DoS attack including aiming at computing ability,waiting time,and flood,which improve the ability of SIP server on resisting DoS attack and the usablity of SIP network.

Chen Changpeng,Jin Lei,Chen Kai,Bai Yingcai

DOI: https://doi.org/10.3969/j.issn.1000-386X.2007.08.064

2007-01-01

Abstract:Session Initiaton Protocol(SIP) is currently replacing H.323 step by step to be the promising signaling protocol for the IP telephony services.The SIP security issues are illustrated by several examples.And the security mechanism problem and the End-to-middle security problem are put forward.

Jin-long Hu,Ling Zhang,Yong Xu,Zhao Ye

DOI: https://doi.org/10.3969/j.issn.1000-565X.2012.04.001

2012-01-01

Abstract:As the traditional software-based SIP security schemes are vulnerable to embezzlement, deception and invasion, a dual authentication framework combined with the trusted computing technology is proposed for endpoint system and user identity. Then, a new SIP security scheme for Internet multimedia communication is presented, which takes advantage of the trusted platform module and the direct anonymous attestation algorithm to design a new registration sub-protocol for improving the security of multimedia communication systems. Moreover, the security of the registration sub-protocol is verified by using the provable security model, and the characteristics of the whole scheme are finally analyzed.

FENG Li,WANG Jun,SHA Li,LI Jun-chao,HOU Hui-chao

2011-01-01

Abstract:Existing research on the SIP conferencing always only focuses on system architecture,utility function and running performance,but overlooks security issue in conferences.The security problems mainly summarize to two kinds,which are confidentiality problems caused by leakage and reliability problems caused by SIP attacks.According to these problems in SIP conferencing,this paper proposes a series of methods to advance SIP standard conferencing framework.The conference confidentiality technology research includes password security and media security.We use moderator's authentication and encryption to achieve double insurance.The conference reliability research mainly includes standardized examination,protocol extensions and SIP flooding intrusion detection.We verify the reasonableness via the experiment at last.

Haoran Chen,Jianhua Chen,Han Shen

DOI: https://doi.org/10.1504/ijesdf.2017.10004413

2017-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:As a lightweight and flexible signalling protocol, session initiation protocol (SIP) has been widely used for establishing, modifying and terminating the sessions in the multimedia environment. The increasing concerns about the security of communication sessions that run over the public Internet has made authentication protocols for SIP more desired. Recently, Lu et al. proposed an authentication scheme for SIP and claimed that their scheme is secure against various known attacks while maintaining efficiency. However, in this paper we will indicate that their protocol suffers from server spoofing attacks and failed to provide mutual authentication as they claimed. Further, we have presented an improved authentication protocol for SIP and proved its security using BAN logic. Though the security and performance analysis, we illustrate that the proposed scheme is more secure and flexible.

Yun Zhao,Jianxin Wang,Xingjun Wang

DOI: https://doi.org/10.1109/ISCID.2013.35

2013-01-01

Abstract:With the development of Internet, people can use their computer to make calls instead of telephone. Many Internet calls take place without any protection. TLS and SRTP could keep the callee and caller from third party's malicious action. However, both methods could do little when the reliability of VoIP server is under suspicion. In this paper, we present a server irrelevant security mechanism for VoIP system based on SIP and RTP. This mechanism implements safety handshake in media channel. User gets certificate from third party CA. Caller and callee exchange PKI or IBE information during the call. As long as the server keeps media data unchanged, this mechanism could ensure the safety of the call against server eavesdropping. It is flexible because the user could utilize different CA to obtain suitable safety demand with the same VoIP server. Cooperating with other protective methods, it can provide a more reliable environment for Internet telephone.

张兆心,杜跃进,李斌,张宏莉

DOI: https://doi.org/10.3321/j.issn:1000-436x.2009.04.014

2009-01-01

Abstract:Through deeply analyzing on the principle,mode,character of DoS,and the DoS attack faced by SIP network,combining with the idea of Client Puzzle,DFA,long-distance linkage,host linkagethe,the character of SIP network,and the principle of SIP proxy server,the defence model of SIP proxy server for DoS attack was put forward,and the testbed to test the ability of this model to resist DoS attack was designed.The experiment result proves that this model can effectively resist the DoS attack for SIP proxy server with millisecond delay of signal transfer,and improves the usablity of SIP network.

邓秀锋,赵明生

DOI: https://doi.org/10.3969/j.issn.1000-3428.2004.10.040

2004-01-01

Abstract:The paper analyses the security threats and requirements of video conference. It also designs and implements a security mechanism of video conference by extending the session initiation protocol. Participants use their certificates to authenticate themselves to MCU, and negotiate keys with MCU. The keys are used for the encryption/decryption and authentication of media streams transferred by multicast in the conference. Some signaling messages are also encrypted and signed by this mechanism. This security mechanism supplies authentication for participants, integrity and confidentiality of communication data.

Menghao Zhang,Guanyu Li,Lei Xu,Jun Bi,Guofei Gu,Jiasong Bai

DOI: https://doi.org/10.1007/978-3-030-00470-5_8

2018-01-01

Abstract:Software-Defined Networking (SDN) continues to be deployed spanning from enterprise data centers to cloud computing with emerging of various SDN-enabled hardware switches. In this paper, we present Control Plane Reflection Attacks to exploit the limited processing capability of SDN-enabled hardware switches. The reflection attacks adopt direct and indirect data plane events to force the control plane to issue massive expensive control messages towards SDN switches. Moreover, we propose a two-phase probing-triggering attack strategy to make the reflection attacks much more efficient, stealthy and powerful. Experiments on a testbed with physical OpenFlow switches demonstrate that the attacks can lead to catastrophic results such as hurting establishment of new flows and even disruption of connections between SDN controller and switches. To mitigate such attacks, we propose a novel defense framework called SWGuard. In particular, SWGuard detects anomalies of downlink messages and prioritizes these messages based on a novel monitoring granularity, i.e., host-application pair (HAP). Implementations and evaluations demonstrate that SWGuard can effectively reduce the latency for legitimate hosts and applications under Control Plane Reflection Attacks with only minor overheads.

Qiong Pu,Jian Wang,Shuhua Wu

DOI: https://doi.org/10.1002/sec.568

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:ABSTRACTThe session initiation protocol (SIP) is the most widely used signaling protocol for creating, modifying, and terminating multimedia sessions in an Internet Protocol‐based telephony environment. Recently, Arshad et al. proposed an authentication scheme based on elliptic curve cryptosystems for SIP. In this paper, we first show that their scheme is vulnerable to the password‐guessing attack. Thereafter, we propose a new authentication and key agreement scheme for SIP, which is immune to the presented attacks. Our scheme achieves provable security and, yet, is efficient. Moreover, we also provide an extended scheme capable of protecting media stream's privacy even against SIP servers while supporting lawful interception, which is inevitably required for protecting the national security or for detecting the criminal evidence. Copyright © 2012 John Wiley & Sons, Ltd.

Bin Hou,Yu Q. Lu,De X. Ye,Gang Liu

2006-01-01

Abstract:This paper introduced the confidentiality and integrality of multimedia data in the SIP-based VoIP system, explained the essentiality and actuality of the problem, and analysed the key technology. Based on the theory of separating application and carrying layer, the encryption was designed on application layer, transparent to the transport layer and end-to-end, media stream security solution in VoIP.

Wenxia Zhu,Jianhua Chen,Debiao He

DOI: https://doi.org/10.1504/ijesdf.2015.072176

2015-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:Providing a security and efficiently key agreement for session initiation protocol SIP is so important to protect communication sessions on the internet. An authentication should be finished before a user utilises the SIP service provided by a server. However, there are some security problems with SIP authentication. Recently, Tu et al. improved Zhang et al.'s authenticated key agreement protocol. They also claimed that their protocol could be resistant to kinds of attacks. In our paper, we show that their protocol is susceptible to the server spoofing attack, user impersonation attack. We also proposed an enhanced protocol which can be more secure and flexible here.