Designing attacks on SIP call set-up (Q5962408)
From MaRDI portal
 | This is the item page for this Wikibase entity, intended for internal use and editing purposes. Please use this page instead for the normal view: Designing attacks on SIP call set-up |
scientific article; zbMATH DE number 5789970
| Language | Label | Description | Also known as |
|---|---|---|---|
| default for all languages | No label defined |
||
| English | Designing attacks on SIP call set-up |
scientific article; zbMATH DE number 5789970 |
Statements
Designing attacks on SIP call set-up (English)
0 references
22 September 2010
0 references
Summary: Many protocols running over the internet are neither formalised, nor formally analysed. The amount of documentation for telecommunication protocols used in real-life applications is huge, while the available analysis methods and tools require precise and clear-cut protocol clauses. A manual formalisation of the Session Initiation Protocol (SIP) used in Voice over IP (VoIP) applications is not feasible. Therefore, by combining the information retrieved from the specification documents published by the IETF and traces of real-world SIP traffic, we craft a formal specification of the protocol in addition to an implementation of the protocol. In the course of our work we detected several weaknesses, both of SIP call set-up and in the Asterisk implementation of the protocol. These weaknesses could be exploited and pose as a threat for authentication and non-repudiation of VoIP calls.
0 references
formal specifications
0 references
VoIP
0 references
voice over IP
0 references
SIP call set-up
0 references
session initiation protocol
0 references
authentication
0 references
call hijack attacks
0 references
PROSA
0 references
asterisk implementation
0 references
call non-repudiation
0 references
information security
0 references
0.7499685287475586
0 references
0.7274793982505798
0 references
0.7137500047683716
0 references
0.70778888463974
0 references
0.7037034034729004
0 references
