Browse > Article

Simple Protection Method against Deregistration Attack in SIP  

Kwon, Kyung Hee (Department of Software Science, Dankook University)
Publication Information
Journal of the Semiconductor & Display Technology / v.15, no.4, 2016 , pp. 92-96 More about this Journal
Abstract
Although deregistration attack is caused by simple spoofing the REGISTER message of a legitimate SIP UA, its impact is serious. The root cause of this attack is based on the fact that RFC 3261 allows the UA to remove the binding from the Location Server. In this paper, we propose a simple protection method to allow Registrar or Location Server just to ignore deregistration messages. We also show that this method works well by analyzing the process of registration and deregistration. Without any additional overhead such as an encryption or authentication, this method is able to establish a secure SIP environment efficiently protecting against the deregistration attack.
Keywords
SIP; Deregistration Attack; Impersonation Attack; Ignoring Deregistration Message; Removing Binding;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 Rsemberg, H.Schulzrinne, G Camarillo, A.Johnstion, J,Peterson, R.Sparks, M.handly, and E. Schooler, "SIP: Session Initation Protocol." RFC 3261, June 20, 1996.
2 Kyung-Hee Kwon, "Protecting Deregistration Attack in SIP Using Delayed Deregistration", Journal of the Korea Contents Association, Vol. 12, No.12, pp.18-23, 2015.
3 Mirko Raimondi,https://hakin9.org/voip-hacking-techniques.
4 http://www.voip-info.org/
5 Yun-Mi Go, Kyung-Hee Kwon, "Expanding the User Authentication Scheme in SIP", Journal of the Korea Contents Association, Vol.11, No.12, pp.88-98, 2011.   DOI
6 ETRI, "VoIP technology and market trends", ETRI 2006.
7 Ruhul Islam, Smarajit Ghosh "SIP Security Mechanism Techniques on Voice over Internet Protocol(VoIP) System", International Journal of Computer Application In Engineering Science, Vol. 1, issue. 1, pp.94-99, 2011.
8 Ha-na Yun, Hyung-Woo Lee, "Stateful SIP Protocol with Enhanced Security for Proactive Response on SIP Attack", Journal of the Korea Contents Association, Vol.10, No.1, pp.46-58, 2010.   DOI
9 El Sawda S., Urien P. "SIP Security Attacks and Solutions: A state-of-the-art Review", Information and Communication Technologies, ICTTA'06. 2nd, Vol 2, pp.3187-3191, 2006.
10 Yijun Zeng, Omar Cherkaoui "Performance Study of COPS over TLS and IPSec Secure Session" LNCS2506, pp.133-144, Springer-Verlag, Berlin, Heidelberg, 2002.
11 https://www.k2esec.com/network-security-protocolsipsec-vs-tlsssl-vs-ssh-part-ii/