loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Peter Qi Qiu ; Ostap Monkewic and Robert L. Probert

Affiliation: University of Ottawa, Canada

ISBN: 972-8865-15-5

Keyword(s): VoIP, signaling, authentication, vulnerability, session establishment, user registration, VOCAL, replay, spoofing, hijacking.

Abstract: This paper describes an attack-directed approach to test SIP authentication vulnerabilities in session establishment and user registration. This approach aims to exercise the known areas of weakness including the inherent vulnerabilities in SIP specification and the implementation vulnerabilities caused by programmers’ negligence. By using this approach and a self-made testing tool, we have successfully identified a number of vulnerabilities in a popular open source SIP implementation, namely VOCAL. This effective approach can also be used to test any other SIP implementations.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.214.184.124

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Qi Qiu P.; Monkewic O.; L. Probert R. and (2004). SIP VULNERABILITIES TESTING IN SESSION ESTABLISHMENT & USER REGISTRATION.In Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 1: SVoIPNet, (ICETE 2004) ISBN 972-8865-15-5, pages 223-229. DOI: 10.5220/0001405402230229

@conference{svoipnet04,
author={Peter {Qi Qiu} and Ostap Monkewic and Robert {L. Probert}},
title={SIP VULNERABILITIES TESTING IN SESSION ESTABLISHMENT & USER REGISTRATION},
booktitle={Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 1: SVoIPNet, (ICETE 2004)},
year={2004},
pages={223-229},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001405402230229},
isbn={972-8865-15-5},
}

TY - CONF

JO - Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 1: SVoIPNet, (ICETE 2004)
TI - SIP VULNERABILITIES TESTING IN SESSION ESTABLISHMENT & USER REGISTRATION
SN - 972-8865-15-5
AU - Qi Qiu, P.
AU - Monkewic, O.
AU - L. Probert, R.
PY - 2004
SP - 223
EP - 229
DO - 10.5220/0001405402230229

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.