hh.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
SIP Security Threats and Countermeasures
Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE).
2012 (English)Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

With the emergence of multimedia applications and the upcoming age of Voice over IP (VoIP), Voice setup and resources control protocols such as SIP and H.323 over the Internet are becoming increasingly attractive applications. In the last few years as a real competitor in traditional telephony services (PSTN), SIP has gained much attention when compared with H.323. SIP works at presentation and application layer thus it mainly faces security issue at these layers. The objective of this thesis is to describe the most relevant SIP related security issues and then present security mechanisms that can be deployed to overcome the SIP security related issues.

This project work demonstrates the tasks necessary to enhance the SIP security both inside and outside of the network. It is divided into three main parts, where the first part describes the SIP architecture, for example, the SIP rivals, SIP components and how a SIP system works. The second part is about some vulnerability issues of concern to SIP, study of the proposed security mechanism and also analysis on how possible threats to the SIP system such as call hijacking, message tempering and DoS attack, affect the SIP based VoIP system. The third and final part describes different steps that have been taken to avoid SIP attacks, by implementing some of the proposed security mechanisms.

In order to test the SIP security, a SIP model is designed, which based on security mechanisms such as firewall, IPSec, DMZ and SIP-TLS. The results are conducted into two different scenarios. In the 1st scenario, the SIP system is tested before implementing the security measurements. In this case, the insecure system was vulnerable to several SIP attacks such as call hijacking, DOS and message tampering. In the 2nd scenario, the system is tested after the implementation of the proposed security mechanisms, where by the system now is only accessible to the authorized users and services. The tested results are also compared and discussed at the end.

Place, publisher, year, edition, pages
2012. , p. 74
Keywords [en]
Security of SIP
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:hh:diva-18126Local ID: IDE1237OAI: oai:DiVA.org:hh-18126DiVA, id: diva2:535448
Subject / course
Computer Network Engineering
Presentation
2012-05-25, E320, Halmstad University, Halmstad, 08:15 (English)
Uppsok
Technology
Supervisors
Examiners
Available from: 2012-06-20 Created: 2012-06-19 Last updated: 2012-06-20Bibliographically approved

Open Access in DiVA

fulltext(2734 kB)2295 downloads
File information
File name FULLTEXT01.pdfFile size 2734 kBChecksum SHA-512
24432f2d38e33241379dc7dbdd9f1ef2d0bac03fba8945dc6d0cdf956e2c682a298a317653e3c1fb28dda44bbce3773fbddc7a508b2ff5f37280d06f5ee32c2e
Type fulltextMimetype application/pdf

By organisation
School of Information Science, Computer and Electrical Engineering (IDE)
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 2295 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 1268 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf