Title: The devil is in the detail: SDP-driven malformed message attacks and mitigation in SIP ecosystems
Citation: IEEE ACCESS vol. 7 p. 2401-2417
Publication Year: 2019
JRC N°: JRC112589
ISSN: 2169-3536 (online)
URI: https://ieeexplore.ieee.org/document/8575131
DOI: 10.1109/ACCESS.2018.2886356
Type: Articles in periodicals and books
Abstract: Abstract—VoIP services in general, and SIP ones in particular, continue to grow at a fast pace and have already become a key component of Next Generation Networks (NGN). Despite this proliferation, SIP-based services expose a large attack surface for perpetrators and especially those who seek to cause Denial of Service (DoS). While so far a plethora of works in the literature have been devoted to the detection of DoS attacks in SIP ecosystems, the focus is on those which exploit SIP headers neglecting the message body. In an effort to fill this gap, the work at hand concentrates on the detection of DoS attacks which instead capitalize on the Session Description Protocol (SDP) part of SIP requests. To this end, we not only scrutinize this ilk of attacks and demonstrate their effect against the end-user, but also develop an open source extensible SDP parser module capable of detecting intentionally or unintentionally crafted SDP segments arasitizing in SIP requests. Following a firewall-based logic, currently, the parser incorporates 100 different rules organized in 4 categories (policies) based on the corresponding RFC [1]. Through extensive experimentation, we show that our scheme induces negligible overhead in terms of processing time when working as a software module in either the SIP proxy or a seperate machine in front of the latter.
JRC Directorate:Space, Security and Migration

Files in This Item:
There are no files associated with this item.

Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.