SIP proxies: new reflectors in the internet

Authors:
Ge Zhang;Jordi Jaen Pallares;Yacine Rebahi;Simone Fischer-Hübner
Affiliations:
Karlstad University, Karlstad, Sweden;Fraunhofer FOKUS, Berlin, Germany;Fraunhofer FOKUS, Berlin, Germany;Karlstad University, Karlstad, Sweden
Venue:
CMS'10 Proceedings of the 11th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
Year:
2010

Citing 2
Cited 2

An analysis of using reflectors for distributed denial-of-service attacks

ACM SIGCOMM Computer Communication Review
Performance analysis of identity management in the Session Initiation Protocol (SIP)

AICCSA '08 Proceedings of the 2008 IEEE/ACS International Conference on Computer Systems and Applications

Side effects of identity management in SIP VoIP environment

Information Security Tech. Report
Transaction-based authentication and key agreement protocol for inter-domain VoIP

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

To mitigate identity theft in SIP networks, an inter-domain authentication mechanism based on certificates is proposed in RFC 4474 [10]. Unfortunately, the design of the certificate distribution in this mechanism yields some vulnerabilities. In this paper, we investigate an attack which exploits SIP infrastructures as reflectors to bring down a web server. Our experiments demonstrate that the attacks can be easily mounted. Finally, we discuss some potential methods to prevent this vulnerability.