Billing attacks on SIP-based VoIP systems
WOOT '07 Proceedings of the first USENIX workshop on Offensive Technologies
A novel design of a VoIP firewall proxy to mitigate SIP-based flooding attacks
International Journal of Internet Protocol Technology
Voice pharming attack and the trust of VoIP
Proceedings of the 4th international conference on Security and privacy in communication netowrks
A new provably secure authentication and key agreement protocol for SIP using ECC
Computer Standards & Interfaces
Secure SIP: A Scalable Prevention Mechanism for DoS Attacks on SIP Based VoIP Systems
Principles, Systems and Applications of IP Telecommunications. Services and Security for Next Generation Networks
On the feasibility of launching the man-in-the-middle attacks on VoIP from remote attackers
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Analysing Protocol Implementations
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Improving authentication performance of distributed SIP proxies
Proceedings of the 3rd International Conference on Principles, Systems and Applications of IP Telecommunications
A Survey of Voice over IP Security Research
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Protecting SIP server from CPU-based DoS attacks using history-based IP filtering
IEEE Communications Letters
Design and analysis of SIP-based mobile VPN for real-time applications
IEEE Transactions on Wireless Communications
Designing attacks on SIP call set-up
International Journal of Applied Cryptography
On the billing vulnerabilities of SIP-based VoIP systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
A secure and efficient SIP authentication scheme for converged VoIP networks
Computer Communications
SIP server performance on multicore systems
IBM Journal of Research and Development
USENIXATC'10 Proceedings of the 2010 USENIX conference on USENIX annual technical conference
The impact of TLS on SIP server performance
Principles, Systems and Applications of IP Telecommunications
IPTV architecture for an IMS environment with dynamic QoS adaptation
Multimedia Tools and Applications
Design and implementation of SIP security
ICOIN'05 Proceedings of the 2005 international conference on Information Networking: convergence in broadband and mobile networking
IPOM'05 Proceedings of the 5th IEEE international conference on Operations and Management in IP-Based Networks
Improving the performance of security of real-time video over IP
AIC'10/BEBI'10 Proceedings of the 10th WSEAS international conference on applied informatics and communications, and 3rd WSEAS international conference on Biomedical electronics and biomedical informatics
Transaction-based authentication and key agreement protocol for inter-domain VoIP
Journal of Network and Computer Applications
The impact of TLS on SIP server performance: measurement and modeling
IEEE/ACM Transactions on Networking (TON)
Journal of Network and Computer Applications
Multimedia Tools and Applications
Elliptic curve cryptography based mutual authentication scheme for session initiation protocol
Multimedia Tools and Applications
Robust smart card secured authentication scheme on SIP using Elliptic Curve Cryptography
Computer Standards & Interfaces
Hi-index | 0.00 |
Session Initiation Protocol (SIP) is currently receiving much attention and seems to be the most promising candidate as a signaling protocol for the current and future IP telephony services, also becoming a real competitor to the plain old telephone service. For the realization of such a scenario, there is an obvious need to provide a certain level of quality and security, comparable to that provided by the traditional telephone systems. While the problem of QoS mostly refers to the network layer, the problem of security is strictly related to the signaling mechanisms and the service provisioning model. For this reason, at present, a very hot topic in the SIP and IP telephony standardization track is security support. In this work, the security model used by SIP is described, and the different open issues are highlighted. We focus, in particular, on the problem of authentication providing a short tutorial on the solution under standardization. The architecture of a possible commercial IP telephony service including user authentication is also described. Finally, we focus on performance issues. By means of a real testbed implementation, we provide an experimental performance analysis of the SIP security mechanisms, based on our open source Java implementation of a SIP proxy server. The performance of the server has been compared with and without security support, under various scenarios.