SIP Security: Main Vulnerabilities, Denial of Service (DoS) Attacks and Intrusion Detection Techniques

Document Type : Original Article

Authors

1 Egyptian Armed Forces, Egypt.

2 Helwan University, Cairo, Egypt.

Abstract

Session Initiation Protocol (SIP) is application layer signaling text-based protocol used for creating, modifying, and terminating multimedia communications sessions (Internet telephone calls, instant messaging, and multimedia conferences) among Internet endpoints. SIP is defined by the Internet Engineering Task Force (IETF) and documented in RFC 3261. Unfortunately, SIP-based application services using IP network are not only exposed to the security vulnerabilities inherited from IP but also exposed to new security vulnerabilities inherited from SIP. In this paper we present the most important security vulnerabilities, threats, and attacks against SIP- multimedia communications systems. Our goal is to provide roadmap to the interested persons for understanding existing capabilities, and identifying the gaps and vulnerabilities in SIP, We illustrate how these vulnerabilities can be exploited to compromise the security of SIP-based systems. Then we focus on Denial of Service (DoS) attacks that impact service availability along with the main detection techniques for these attacks.

Keywords