Study on Security Issue in Open Source SIP Server (original) (raw)
Related papers
Sip Network Security: Attacks, Security Measures & Management
2013
In the research area of network security, secure communication in session initiation protocol is a major issue. In this paper we intend to discuss SIP protocol, network attacks on it, network security measures and solutions for SIP management. First we will introduce the SIP protocols in short and later we will draw focus on attacks, security measures and solutions.
Study SIP Protocol on Asterisk Phone System and Offer Solutions to Its Security
International Journal of Wireless Communications and Mobile Computing, 2016
Undoubted every organization's heart is it's phone system. The old phone systems couldn't perform any method to make phone center and voice transmission intelligent on network and they had determinate abilities. Meantime Voice over Internet Protocol (VoIP) introduced itself to the world and performed a lot of abilities for clients like voice transmission on network. Many companies Investment on voip systems and implemented their methods on software and hardware packages. But between them a different production had designed and Performanced by Mark Spenser from Digium Company in 1992 which named Asterisk. Asterisk's increasing popularity's reason was its open code programs and its flexibility. VoIP systems such as Asterisk use voice transmission protocols to transfer voice over network. One of the voice transmission protocols is Session Initiation Protocol (SIP), which is one of the Asterisk's voice transmission protocols. The first and the most important point in voice transmission over network is security. Security can be divided to two parts as inscrutability of invaders to network and coding transmitted voices over network to prevention of illegal listening. In this project at first we tried to introduce Asterisk phone system's structure and Session Initiation Protocol (SIP) and then scrutiny method of Invader's dominance to this protocol and Performance modern methods to prevent hacker's dominance and also coding voice packages to Obscure them in transmission way.
International Conference on Aerospace Sciences & Aviation Technology, 2013
Session Initiation Protocol (SIP) is application layer signaling text-based protocol used for creating, modifying, and terminating multimedia communications sessions (Internet telephone calls, instant messaging, and multimedia conferences) among Internet endpoints. SIP is defined by the Internet Engineering Task Force (IETF) and documented in RFC 3261. Unfortunately, SIP-based application services using IP network are not only exposed to the security vulnerabilities inherited from IP but also exposed to new security vulnerabilities inherited from SIP. In this paper we present the most important security vulnerabilities, threats, and attacks against SIP-multimedia communications systems. Our goal is to provide roadmap to the interested persons for understanding existing capabilities, and identifying the gaps and vulnerabilities in SIP, We illustrate how these vulnerabilities can be exploited to compromise the security of SIP-based systems. Then we focus on Denial of Service (DoS) attacks that impact service availability along with the main detection techniques for these attacks.
Security analysis of VoIP architecture for identifying SIP vulnerabilities
2014 International Conference on Emerging Technologies (ICET), 2014
Voice over Internet Protocol (VoIP) is an emerging technology that changes the way of communication services over IP networks. It provides flexible and low cost services to the users, which make it more popular than the existing Public Switch Telephone Network (PSTN). With the popularity of this technology, it became targeted victim of different attacks. In this paper we analyzed VoIP architecture, both theoretically and practically with more emphasizes on security of Session Initiation Protocol (SIP). In order to analyze theoretically, we performed a literature survey related to SIP security and classified it in term of existing SIP attacks and defenses. Our theoretical analysis reveals that most attacks on VoIP architecture were successful due to weaknesses of SIP, especially the authentication mechanism used in the session establishment phase. For practical analysis, we used open source Asterisk and pen-test it in different attacking scenarios using Kali Linux distribution. Our practical analysis studies revealed that open source asterisk server is still vulnerable to several attacks, which includes eavesdropping, intentional interruption, social threats, interception and modification, and unintentional interruption. We also provide a concise mitigating scheme based on Single Sign-On (SSO), which provides an efficient and reliable authentication mechanism for securing SIP.
Network Security Framework To Counter SIP Based Attacks
The Session Initiation Protocol (SIP) is the multimedia communication protocol of the future used for Voice-over-IP (VoIP), Internet Multimedia Subsystem (IMS) and Internet Protocol Television (IPTV), its concepts are based on mature and open standards and its use is increasing rapidly within recent years. However, with its acceptance as a mainstream communication platform, security concerns become ever more important for users and service providers. The distinct nature of flooding attacks makes task of mitigating the attacks an enormous challenge to the security administrator. In this paper we identify different attacks on SIP-based networks with the focus on Denial-of-Service (DoS) ooding attacks and thus proposing a framework and algorithm which will help in the mitigation of SIP based attacks along with other attacks that prevail on our network / computer resources.
Study on Auto Detecting Defence Mechanisms against Application Layer Ddos Attacks in SIP Server
—Denial of Service (DoS) or Distributed Denial of Service (DDoS) is a powerful attack which prevents the system from providing services to its legitimate users. Several approaches exist to filter network-level attacks, but application-level attacks are harder to detect at the firewall. Filtering at application level can be computationally expensive and difficult to scale, while still creating bogus positives that block legitimate users. In this paper, authors show application layer DoS attack for SIP server using some open source DoS attack tools and also suggest a mechanism that can protect a given SIP server from application-level DoS attacks especially the attacks targeting the resources including CPU, sockets, memory of the victim server. In this paper author's attempt to illustrate application layer distributed denial of Service (DDoS) attack on SIP Server such as SIP flooding attack, real time transport (RTP) flooding attack using open source DDoS attack tools. We propose a new DDoS defence mechanism that protects SIP servers from application-level DDoS attacks based on the two methodologies: IPtables and fail2ban detection. The attack flow detection mechanism detects attach flows based on the symptom or stress at the server, since it is getting more difficult to identify bad flows only based on the incoming traffic patterns. A popular software known as Wireshark which is a network protocol analyzer is used to capture the packets during DoS attack from the victim server Ethernet interface to detect the attacking host IP address and analysis the types of attack. We evaluate the performance of the proposed scheme via experiment.
SIP Security Mechanism Techniques on Voice over Internet Protocol (VoIP) System
caesjournals.org
SIP-based VoIP system has many security problems because of the security mechanism of VoIP system and other external factors. These effects relate to the following three aspects: confidentiality, integrity and availability. The sip security mechanism technique on VoIP system and the components of SIP have been analyzed in this paper. The attacks on the SIP system, such as the registration hijacking, impersonating a proxy, denial of service and spam are discussed in detail. This paper has also pointed out the insufficiency of the SIP security mechanism, including different types of attacks.
An Empirical Study of Security of VoIP System
International journal of computer applications, 2018
As VoIP (Voice-over-IP) Services are becoming more popular, various types of attacks against them are increasing. SIP (Session Initiation Protocol) is the main protocol that is used in VoIP. SIP is subject to various types of attacks including DoS (Denial-of-Service) attack. This paper reports our experiment of simulating VoIP system using existing open source tools and technology. The simulated VoIP system is used to demonstrate a normal VoIP communication, launching DoS flooding attacks against SIP and implementing a successful Snort-based Intrusion Detection System (IDS) capable of catching suspicious SIP messages. Additionally, we propose a new VoIP architecture, which is based on buffering all incoming messages from clients with the intention of processing the messages in the buffer before they are forwarded to the destination.
An Experimental Study to Analyze SIP Traffic over LAN
VoIP (Voice over Internet Protocol) service has become famous now days due to their affordability and flexibility. VoIP networks use IP (Internet Protocol) phone to communicate over Internet or LAN (Local Area Network). Most IP phone use SIP (Session Initiation Protocol) for communication. The SIP (Session Initiation Protocol) was invented to help RTP (Real-Time Transport Protocol) in order to find destination IP address and port address over Internet. RTP use to transmit voice data between source and destination using their IP addresses and Port numbers. NAT (Network Address Translation) is a technique, which allows users to use multiple IP address internally for multiple devices to share one Internet connection. VoIP packets are routed over public Internet, which is not a secure platform. Sometimes data face delay problem due to network congestion. Many type of security and QoS (Quality of Service) techniques and algorithms are being designed to overcome these problems.
A novel design of a VoIP firewall proxy to mitigate SIP-based flooding attacks
International Journal of Internet Protocol Technology, 2008
This paper proposes a novel method to address the protection necessary to mitigate flooding attacks in VoIP networks which can produce rapid saturation of a firewall and crippling of a VoIP switch. The paper proposes a stateless firewall nonce checking mechanism as an extension to the existing (stateful) SIP digest authentication. This combination aims to form a more secure and flood-resistant authentication scheme for SIP-based VoIP systems. The proposed mechanism has been implemented on a Linux iptables firewall and the experimental results demonstrate proof-of-concept showing that by incorporating this mechanism it is possible to provide substantially improved SIP-based flooding mitigation.