Security analysis of VoIP architecture for identifying SIP vulnerabilities

Voice over Internet Protocol (VoIP) is an emerging technology that changes the way of communication services over IP networks. It provides flexible and low cost services to the users, which make it more popular than the existing Public Switch Telephone Network (PSTN). With the popularity of this technology, it became targeted victim of different attacks. In this paper we analyzed VoIP architecture, both theoretically and practically with more emphasizes on security of Session Initiation Protocol (SIP). In order to analyze theoretically, we performed a literature survey related to SIP security and classified it in term of existing SIP attacks and defenses. Our theoretical analysis reveals that most attacks on VoIP architecture were successful due to weaknesses of SIP, especially the authentication mechanism used in the session establishment phase. For practical analysis, we used open source Asterisk and pen-test it in different attacking scenarios using Kali Linux distribution. Our practical analysis studies revealed that open source asterisk server is still vulnerable to several attacks, which includes eavesdropping, intentional interruption, social threats, interception and modification, and unintentional interruption. We also provide a concise mitigating scheme based on Single Sign-On (SSO), which provides an efficient and reliable authentication mechanism for securing SIP.

[1]  Xiao-Yu Wan,et al.  A SIP DoS Flooding Attack Defense Mechanism Based on Custom Weighted Fair Queue Scheduling , 2010, 2010 International Conference on Multimedia Technology.

[2]  Thomas J. Walsh,et al.  Security Considerations for Voice Over IP Systems , 2005 .

[3]  Munir B. Sayyad,et al.  Proposed Model for SIP Security Enhancement , 2010, Commun. Netw..

[4]  Yoon Mi Koh,et al.  A New Lightweight Protection Method against Impersonation Attack on SIP , 2014 .

[5]  Ibrahim Sogukpinar,et al.  SIP Authentication Scheme using ECDH , 2007 .

[6]  Yuqing Zhang,et al.  A new provably secure authentication and key agreement protocol for SIP using ECC , 2009, Comput. Stand. Interfaces.

[7]  Intesab Hussain,et al.  Strategy based proxy to secure user agent from flooding attack in SIP , 2011, 2011 7th International Wireless Communications and Mobile Computing Conference.

[8]  Hsiao-Hwa Chen,et al.  A secure and efficient SIP authentication scheme for converged VoIP networks , 2010, Comput. Commun..

[9]  Marius Herculea,et al.  Evaluation of Security and Countermeasures for a SIP-based VoIP Architecture , 2008 .

[10]  Georgios Kambourakis,et al.  PrivaSIP: Ad-hoc identity privacy in SIP , 2011, Comput. Stand. Interfaces.

[11]  Jon Peterson,et al.  Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP) , 2006, RFC.

[12]  Zhenfu Cao,et al.  Off-line Password Guessing Attack on an Efficient Key Agreement Protocol for Secure Authentication , 2006, Int. J. Netw. Secur..

[13]  Tei-Wei Kuo,et al.  Design and Implementation of SIP Security , 2005, ICOIN.

[14]  Mats Näslund,et al.  The Secure Real-time Transport Protocol (SRTP) , 2004, RFC.

[15]  Henning Schulzrinne,et al.  RTP: A Transport Protocol for Real-Time Applications , 1996, RFC.

[16]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[17]  Zhenfu Cao,et al.  Simple three-party key exchange protocol , 2007, Comput. Secur..

[18]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[19]  Henning Schulzrinne,et al.  Have I met you before?: using cross-media relations to reduce SPIT , 2009, IPTComm.

[20]  Chou Chen Yang,et al.  Secure authentication scheme for session initiation protocol , 2005, Comput. Secur..

[21]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[22]  Angelos D. Keromytis A Look at VoIP Vulnerabilities , 2010, login Usenix Mag..

[23]  Angelos D. Keromytis,et al.  A Comprehensive Survey of Voice over IP Security Research , 2012, IEEE Communications Surveys & Tutorials.

[24]  Costas Lambrinoudakis,et al.  Survey of security vulnerabilities in session initiation protocol , 2006, IEEE Communications Surveys & Tutorials.

[25]  Paulo S. L. M. Barreto,et al.  The SIP Security Enhanced by Using Pairing-assisted Massey-Omura Signcryption , 2008, IACR Cryptol. ePrint Arch..

[26]  Saverio Niccolini,et al.  A policy framework for personalized and role-based SPIT prevention , 2009, IPTComm.

[27]  Chun-Li Lin,et al.  A password authentication scheme with secure password updating , 2003, Comput. Secur..