SIPA: generic and secure accounting for SIP

Authors:
Alexandros Tsakountakis;Georgios Kambourakis;Stefanos Gritzalis
Affiliations:
Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, University of the Aegean, Karlovassi, GR-83200, SamosGreece;Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, University of the Aegean, Karlovassi, GR-83200, SamosGreece;Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, University of the Aegean, Karlovassi, GR-83200, SamosGreece
Venue:
Security and Communication Networks
Year:
2012

Citing 10
Cited 0

Mobility support using SIP

WOWMOM '99 Proceedings of the 2nd ACM international workshop on Wireless mobile multimedia
Achieving user privacy in mobile networks

ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
Accounting management for session mobility in an ubiquitous environment

Proceedings of the 2006 international conference on Wireless communications and mobile computing
Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures

Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
Billing attacks on SIP-based VoIP systems

WOOT '07 Proceedings of the first USENIX workshop on Offensive Technologies
A Mechanism for Ensuring the Validity and Accuracy of the Billing Services in IP Telephony

TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
A generic accounting scheme for next generation networks

Computer Networks: The International Journal of Computer and Telecommunications Networking
A framework for identity privacy in SIP

Journal of Network and Computer Applications
Survey of security vulnerabilities in session initiation protocol

IEEE Communications Surveys & Tutorials
Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms

IEEE Network: The Magazine of Global Internetworking

Quantified Score

Hi-index	0.00

Visualization

Abstract

Authentication, authorization, and accounting services provide the framework on top of which a reliable, secure, and robust accounting system can be built. In a previous work of ours, we have presented a flexible and, most importantly, generic accounting scheme for next generation networks. In this paper, we substantially improve our previous work by providing the required Diameter application namely SIP-Accounting (SIPA) that enables the use of our accounting scheme for Session Initiation Protocol (SIP) services. Additionally, in an effort to protect the service providers and the end users against accounting frauds, we implement an add-on mechanism referred to as SIPA+ to combat attacks targeting the core accounting functions and the integrity of the respective accounting messages. Using the implemented SIPA and SIPA+ prototypes, we conducted a complete set of experiments testing several configurations and two distinct scenarios. The results reveal that the proposed accounting system and its security add-on are fully operable in SIP environments without incurring much cost in terms of performance and overhead. Copyright © 2011 John Wiley & Sons, Ltd. (This paper is part of the 03ED675 research project, implemented within the framework of the “Reinforcement Programme of Human Research Manpower” (PENED) and co-financed by national and community funds (25% from the Greek Ministry of Development—General Secretariat of Research and Technology and 75% from EU—European Social Fund).)