| Authors: | Geneiatakis D., Dagiouklas A., Kambourakis G., Lambrinoudakis C., Gritzalis S., Ehlert S., Sisalem D. |
|---|
| Title: | Survey of Security Vulnerabilities in Session Initiation Protocol |
|---|
| Journal: | IEEE Communications Surveys and Tutorials |
|---|
| Volume: | 8 |
|---|
| Number: | 3 |
|---|
| Pages: | 68-81 |
|---|
| Year: | 2006 |
|---|
| Publisher: | IEEE Press |
|---|
| To appear: | No |
|---|
| Link: | http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=4020603 |
|---|
| ISI: | No |
|---|
| Impact Factor: | |
|---|
| File name: | J026_IEEE_Surveys_2006.pdf##^^&&544291584.pdf |
|---|
| Abstract: | The open architecture of the Internet and the use of open standards like
Session Initiation Protocol (SIP) constitute the provisioning of services
(e.g., Internet telephony, instant messaging, presence, etc.) vulnerable to
known Internet attacks, while at the same time introducing new security
problems based on these standards that cannot been tackled with current
security mechanisms. This article identifies and describes security problems
in the SIP protocol that may lead to denial of service. Such security problems
include flooding attacks, security vulnerabilities in parser implementations,
and attacks exploiting vulnerabilities at the signaling-application level.
A qualitative analysis of these security flaws and their impacts on SIP systems
is presented. |
|---|
Greek