SIP Proxies: New Reflectors in the Internet
2010 (English)In: Communications and Multimedia Security: 11th IFIP TC 6/TC 11 International Conference, CMS 2010, Linz, Austria, May 31 – June 2, 2010. Proceedings, Springer, 2010, 142-153 p.Conference paper (Refereed)
To mitigate identity theft in SIP networks, an inter-domain authentication mechanism based on certificates is proposed in RFC 4474 . Unfortunately, the design of the certificate distribution in this mechanism yields some vulnerabilities. In this paper, we investigate an attack which exploits SIP infrastructures as reflectors to bring down a web server. Our experiments demonstrate that the attacks can be easily mounted. Finally, we discuss some potential methods to prevent this vulnerability.
Place, publisher, year, edition, pages
Springer, 2010. 142-153 p.
Lecture Notes in Computer Science, ISSN 0302-9743 ; 6109
Research subject Computer Science
IdentifiersURN: urn:nbn:se:kau:diva-40523DOI: 10.1007/978-3-642-13241-4_14ISI: 000279562100013ISBN: 978-3-642-13240-7 (print)OAI: oai:DiVA.org:kau-40523DiVA: diva2:905345
11th IFIP International Conference on Communications and Multimedia Security, May 31-Jun 02, 2010, Linz, Austria