Abusing SIP Authentication

Authors:
Humberto Abdelnur;Tigran Avanesov;Michael Rusinowitch;Radu State
Affiliations:
-;-;-;-
Venue:
IAS '08 Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security
Year:
2008

Citing 0
Cited 4

A Survey of Voice over IP Security Research

ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
SIP authentication based on HOTP

ICICS'09 Proceedings of the 7th international conference on Information, communications and signal processing
Proxychain: developing a robust and efficient authentication infrastructure for carrier-scale VoIP networks

USENIXATC'10 Proceedings of the 2010 USENIX conference on USENIX annual technical conference
Bringing VoIP Signatures to Mobile Devices

Proceedings of Principles, Systems and Applications on IP Telecommunications

Quantified Score

Hi-index	0.00

Visualization

Abstract

The recent and massive deployment of Voice over IP infrastructures had raised the importance of the VoIP security and more precisely of the underlying signalisation protocol SIP. In this paper, we will present a new attack against the authentication mechanism of SIP. This attack allows to perform toll fraud and call hijacking. We will detail the formal speciﬁcation method that allowed to detect this vulnerability, highlight a simple usage case and propose a mitigation technique.