• Title/Summary/Keyword: SIP threat

Search Result 5, Processing Time 0.022 seconds

Detection of SIP Flooding Attacks based on the Upper Bound of the Possible Number of SIP Messages

  • Ryu, Jea-Tek;Roh, Byeong-Hee;Ryu, Ki-Yeol
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.3 no.5
    • /
    • pp.507-526
    • /
    • 2009
  • Since SIP uses a text-based message format and is open to the public Internet, it provides a number of potential opportunities for Denial of Service (DoS) attacks in a similar manner to most Internet applications. In this paper, we propose an effective detection method for SIP flooding attacks in order to deal with the problems of conventional schemes. We derive the upper bound of the possible number of SIP messages, considering not only the network congestion status but also the different properties of individual SIP messages such as INVITE, BYE and CANCEL. The proposed method can be easily extended to detect flooding attacks by other SIP messages.

A SIP INVITE Flooding Detection algorithm Considering Upperbound of Possible Number of SIP Messages (발생 메시지의 상한값을 고려한 SIP INVITE 플러딩 공격 탐지 기법연구)

  • Ryu, Jea-Tek;Ryu, Ki-Yeol;Roh, Byeong-Hee
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.34 no.8B
    • /
    • pp.797-804
    • /
    • 2009
  • Recently, SIP(Session Initiation Protocol) is used to set up and manage sessions for multimedia applications such as VoIP(Voice over IP) and IMS(IP Multimedia Subsystem). However, because SIP operates over the Internet, it is exposed to pre-existed internet security threats such as service degradation or service disruptions. Multimedia applications which are delay sensitive even suffers more from the threats mentioned above. The proposed methods so far to detect SIP INVITE flooding are CUSUM(Cumulative Sum), Hellinger distance and adaptive threshold, but among methods only take normal state into consideration. So, it is not capable of adapting the condition of the network congestion which are dynamically changing. In this paper, SIP INVITE flooding detection algorithm considering network congestion which enables efficient detections of such attacks is proposed. The proposed algorithm is expected to detect other types of attacks such as BYE and CANCEL more precisely compared to other methods.

mVoIP Vulnerability Analysis And its Countermeasures on Smart Phone (스마트폰에서 mVoIP 취약성 분석 및 대응 방안)

  • Cho, Sik-Wan;Jang, Won-Jun;Lee, Hyung-Woo
    • Journal of the Korea Convergence Society
    • /
    • v.3 no.3
    • /
    • pp.7-12
    • /
    • 2012
  • mVoIP (mobile Voice over Internet Protocol) service is a technology to transmit voice data through an IP network using mobile device. mVoIP provides various supplementary services with low communication cost. It can maximize the availability and efficiency by using IP-based network resources. In addition, the users can use voice call service at any time and in any place, as long as they can access the Internet on mobile device easily. However, SIP on mobile device is exposed to IP-based attacks and threats. Observed cyber threats to SIP services include wiretapping, denial of service, and service misuse, VoIP spam which are also applicable to existing IP-based networks. These attacks are also applicable to SIP and continuously cause problems. In this study, we analysis the threat and vulnerability on mVoIP service and propose several possible attack scenarios on existing mobile VoIP devices. Based on a proposed analysis and vulnerability test mechanism, we can construct more enhanced SIP security mechanism and stable mobile VoIP service framework after eliminating its vulnerability on mobile telephony system.

A Study on Spam Protection Technolgy for Secure VoIP Service in Broadband convergence Network Environment (BcN 환경에서 안전한 VoIP 서비스를 위한 스팸대응 기술 연구)

  • Sung, Kyung;Kim, Seok-Hun
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.12 no.4
    • /
    • pp.670-676
    • /
    • 2008
  • There is a difficult plane letting a security threat to occur in Internet networks as VoIP service uses technology-based the Internet is inherent, and you protect without adjustment of the existing security solution or changes with real-time service characteristics. It is a voice to single networks The occurrence security threat that it is possible is inherent in IP networks that effort and cost to protect a data network only are complicated relatively as provide service integrated data. This paper about various response way fields to be able to prevent analysis regarding definition regarding VoIP spam and VoIP spam technology and VoIP spam.

A Study on VoIP Security Risk Analysis and Countermeasure (VoIP 보안 위협 분석 및 대책 연구)

  • Kim, Hyun-Chul;Kwak, Jin-Suk;Lee, Young-Sil;Lee, Hoon-Jae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2011.10a
    • /
    • pp.277-280
    • /
    • 2011
  • VoIP is a technology of voice communication, using the existing internet network which sends and receives voice packets. VoIP has an advantage that VoIP is cheaper than an existing telephony, and the tech is vitalized lately. But recently you can download Volp Application in the Market that have a vulnerability(Anyone Can Upload). This weakness is wrongfully used that People are downloaded by encouraging about malignant code is planted. Signal intercepts indicates from this case. and paralysis by DDoS Attack, bypass are charged for hacking. Judging from, security threat of VolP analysis and take countermeasures. In the thesis we analyze the VoIP security caused on 'Soft Phone' and 'Smart Phone', and figure out security policies and delineate those policies on the paper.

  • PDF