Title :
Uncovering SIP Vulnerabilities to DoS Attacks Using Coloured Petri Nets
Author_Institution :
Sch. of Comput. & Inf. Sci., Univ. of South Australia, Mawson Lakes, SA, Australia
Abstract :
The Session Initiation Protocol (SIP) is used to establish, maintain and terminate multimedia sessions over the Internet. It is the predominant signalling protocol for Voice over IP (VoIP). Hence understanding security vulnerabilities of SIP is crucial to secure VoIP. In this paper, we apply a formal method, Coloured Petri Nets, to discover and analyse the vulnerabilities of SIP to Denial of Service (DoS) attacks. Using the approach, we have effectively identified the vulnerabilities with SIP call setup process, which may be exploited to launch DoS attacks on SIP-based VoIP systems. The paper also discusses the possible solutions to the identified security issues.
Keywords :
Internet telephony; Petri nets; security of data; signalling protocols; DoS attacks; SIP vulnerabilities; coloured Petri nets; session initiation protocol; signalling protocol; voice over IP; Analytical models; Computer crime; Firing; Protocols; Reactive power; Servers; Coloured Petri Nets; DoS attacks; Session Initiation Protocol; VoIP; security vulnerability analysis;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on
Conference_Location :
Changsha
Print_ISBN :
978-1-4577-2135-9
DOI :
10.1109/TrustCom.2011.8
