TY - GEN
T1 - A framework for detecting malformed messages in SIP networks
AU - Geneiatakis, Dimitris
AU - Kambourakis, Georgios
AU - Dagiuklas, Tasos
AU - Lambrinoudakis, Costas
AU - Gritzalis, Stefanos
PY - 2005
Y1 - 2005
N2 - Internet telephony like any other Internet service suffers from security flaws caused by various implementation errors (e.g. in end-users terminals, protocols, operating systems, hardware, etc). These implementation problems usually lead VoIP subsystems (e.g. SIP servers) to various unstable operations whenever trying to process a message not conforming to the underlying standards. As Internet telephony becomes more and more popular, attackers will attempt to exhaustively "test" implementations' robustness, transmitting various types of malformed messages to them. Since it is almost infeasible to avoid or predict every potential error caused during the developing process of these subsystems, it is necessary to specify an appropriate and robust, from the security point of view, framework that will facilitate the successful detection and handling of any kind of malformed messages aiming to destruct the provided service. In this paper, we adequately present malformed message attacks against SIP network servers and/or SIP end-user terminals and we propose a new detection "framework" of prototyped attacks' signatures that can assist the detection procedure and provide effective defence against this category of attacks.
AB - Internet telephony like any other Internet service suffers from security flaws caused by various implementation errors (e.g. in end-users terminals, protocols, operating systems, hardware, etc). These implementation problems usually lead VoIP subsystems (e.g. SIP servers) to various unstable operations whenever trying to process a message not conforming to the underlying standards. As Internet telephony becomes more and more popular, attackers will attempt to exhaustively "test" implementations' robustness, transmitting various types of malformed messages to them. Since it is almost infeasible to avoid or predict every potential error caused during the developing process of these subsystems, it is necessary to specify an appropriate and robust, from the security point of view, framework that will facilitate the successful detection and handling of any kind of malformed messages aiming to destruct the provided service. In this paper, we adequately present malformed message attacks against SIP network servers and/or SIP end-user terminals and we propose a new detection "framework" of prototyped attacks' signatures that can assist the detection procedure and provide effective defence against this category of attacks.
UR - http://www.scopus.com/inward/record.url?scp=42749104168&partnerID=8YFLogxK
U2 - 10.1109/LANMAN.2005.1541543
DO - 10.1109/LANMAN.2005.1541543
M3 - Conference contribution
AN - SCOPUS:42749104168
SN - 0780395654
SN - 9780780395657
T3 - 14th IEEE Workshop on Local and Metropolitan Area Networks, LANMAN 2005
BT - 14th IEEE Workshop on Local and Metropolitan Area Networks, LANMAN 2005
T2 - 14th IEEE Workshop on Local and Metropolitan Area Networks, LANMAN 2005
Y2 - 18 September 2005 through 21 September 2005
ER -