Analysis and Deterrence of Threats on SIP

Abstract

Voice over IP (VoIP) is gaining more popularity in today s communication because of its rich multimedia feature and it is more economical compared to traditional PSTN (Public Telephone Switching System). SIP and RTP are two major protocols in VoIP system, which are responsible to initializing, establishing connection and communicating between two parties. SIP becomes one of the dominant signaling protocols because of its light weight nature but is more prone to attacks and security threats as it uses HTTP digest for authentication and all messages are exchanged in open text. Integrity, service and availability threats are amongst most important threats on VoIP system causing over billing, force teardown and denial of service attacks. An attempt has been made to classify all VoIP and SIP threats as confidentiality, availability, integrity and social threats category, we have focused our work on Force teardown, Billing and DoS attacks by providing innovative and unique solutions. newlineForce teardown attack is a result of interception of credential message from early communication and used later by attacker to send malformed message to victim machine it results in four types of billing attacks. These attacks are result of poor authentication, lack of confidentiality and integrity of SIP messages. In Billing attacks, attacker s objective is to prolong or terminate ongoing call by sending various malformed messages causing excess bill to the user. In addition to above attack, attacker also attempts DoS with intention of unavailability of service and resource to legitimate user. Lastly DoS attacks are caused by flooding of INVITE messages and by sending CANCLE, BYE message during session initiation and real time communication. newlineTo deter Force teardown attack confidentiality is provided to all signaling message by using well known symmetric encryption as well as designing a secured encryption algorithms to reduce the memory and CPU utilization.