SIP 등록취소 공격에 대한 단순한 방어 기법

Simple Protection Method against Deregistration Attack in SIP

  • 권경희 (단국대학교 소프트웨어학과)
  • 투고 : 2016.12.14
  • 심사 : 2016.12.26
  • 발행 : 2016.12.31

초록

Although deregistration attack is caused by simple spoofing the REGISTER message of a legitimate SIP UA, its impact is serious. The root cause of this attack is based on the fact that RFC 3261 allows the UA to remove the binding from the Location Server. In this paper, we propose a simple protection method to allow Registrar or Location Server just to ignore deregistration messages. We also show that this method works well by analyzing the process of registration and deregistration. Without any additional overhead such as an encryption or authentication, this method is able to establish a secure SIP environment efficiently protecting against the deregistration attack.

키워드

참고문헌

  1. Rsemberg, H.Schulzrinne, G Camarillo, A.Johnstion, J,Peterson, R.Sparks, M.handly, and E. Schooler, "SIP: Session Initation Protocol." RFC 3261, June 20, 1996.
  2. Kyung-Hee Kwon, "Protecting Deregistration Attack in SIP Using Delayed Deregistration", Journal of the Korea Contents Association, Vol. 12, No.12, pp.18-23, 2015.
  3. Mirko Raimondi,https://hakin9.org/voip-hacking-techniques.
  4. http://www.voip-info.org/
  5. Yun-Mi Go, Kyung-Hee Kwon, "Expanding the User Authentication Scheme in SIP", Journal of the Korea Contents Association, Vol.11, No.12, pp.88-98, 2011. https://doi.org/10.5392/JKCA.2011.11.12.088
  6. ETRI, "VoIP technology and market trends", ETRI 2006.
  7. Ruhul Islam, Smarajit Ghosh "SIP Security Mechanism Techniques on Voice over Internet Protocol(VoIP) System", International Journal of Computer Application In Engineering Science, Vol. 1, issue. 1, pp.94-99, 2011.
  8. Ha-na Yun, Hyung-Woo Lee, "Stateful SIP Protocol with Enhanced Security for Proactive Response on SIP Attack", Journal of the Korea Contents Association, Vol.10, No.1, pp.46-58, 2010. https://doi.org/10.5392/JKCA.2010.10.1.046
  9. El Sawda S., Urien P. "SIP Security Attacks and Solutions: A state-of-the-art Review", Information and Communication Technologies, ICTTA'06. 2nd, Vol 2, pp.3187-3191, 2006.
  10. Yijun Zeng, Omar Cherkaoui "Performance Study of COPS over TLS and IPSec Secure Session" LNCS2506, pp.133-144, Springer-Verlag, Berlin, Heidelberg, 2002.
  11. https://www.k2esec.com/network-security-protocolsipsec-vs-tlsssl-vs-ssh-part-ii/