Abusing SIP authenticationReportar como inadecuado




Abusing SIP authentication - Descarga este documento en PDF. Documentación en PDF para descargar gratis. Disponible también para leer online.

* Corresponding author 1 MADYNES - Management of dynamic networks and services INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications 2 CASSIS - Combination of approaches to the security of infinite states systems FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies, INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications 3 FSTC - Faculté des Sciences, de la Technologie et de la Communication

Abstract : The recent and massive deployment of Voice over IP infrastructures had raised the importance of the VoIP security and more precisely of the underlying signalisation protocol SIP. In this paper, we will present a new attack against the authentication mechanism of SIP. This attack allows to perform toll fraud and call hijacking. We will detail the formal specification method that allowed to detect this vulnerability, highlight a simple usage case and propose a mitigation technique.

Keywords : VoIP SIP protocol authentication formal validation AVISPA Security threat





Autor: Humberto Abdelnur - Tigran Avanesov - Michael Rusinowitch - Radu State -

Fuente: https://hal.archives-ouvertes.fr/



DESCARGAR PDF




Documentos relacionados