期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

SIP网络安全性研究 被引量:1

Research on the security of session initation protocol(SIP)networks
下载PDF
导出
摘要 针对 SIP 网络所面临的典型安全威胁,提出了 SIP 攻击方法的有限状态机描述模型。利用该模型深入研究了注册劫持攻击、INVITE 攻击、re-INVITE 攻击、会话终止攻击和拒绝服务攻击的原理和方式,并在实际环境下重现了这5种攻击方法。同时提出并实现了针对注册劫持的禁止第三方注册或注册权限级别划分的解决方案,以及针对 INVITE 攻击、re-INVITE 攻击和会话终止攻击提出了改进的 HTTP Digest 认证协议和 Proxy 间逐条加密的解决方案,提高了 SIP 网络的安全性和可用性。 In consideration of the security threats in session initiation protocol (SIP) based networks, this paper put forward the deterministic finite automation (DFA) model for SIP attack methods. The attack theories and methods of five attacks of registration hijacking, INVITE, re-INVITE, tearing down sessions, and DoS were deeply analys based on the model, and all the attacks were recurred in real circumstances. At the same time the method to forbid the third part registration or registration rank carving in dealing with registration hijacking attacks, and the improved HTTP digest authentication protocol and the hop-by-hop encryption within proxy to deal with the attacks of INVITE, re-INVITE and BYE were put forward and implemented, which improved the security and usability of SIP networks.
作者 张兆心 方滨兴 胡铭曾 张宏莉
机构地区 哈尔滨工业大学国家计算机网络与信息安全重点实验室
出处 《高技术通讯》 CAS CSCD 北大核心 2008年第3期231-237,共7页 Chinese High Technology Letters
基金 863计划(2006AA01Z451 2007AA010503) 哈尔滨工业大学(威海)研究基金(HIT(WH)200712)资助项目
关键词 网络安全 认证 攻击 注册劫持 network security, authentication, attack, registration hijacking
分类号 TP393.08 [自动化与计算机技术—计算机应用技术] TN915.04 [电子电信—通信与信息系统]
  • 相关文献

参考文献15

二级参考文献113

  • 1程艳伟,雷为民.利用SIP协议扩展实现SIP-NAT网关[J].小型微型计算机系统,2003,24(1):151-153. 被引量:4
  • 2司端锋,潘爱民.IP电话(VoIP)中的安全性问题[J].计算机工程,2004,30(18):105-107. 被引量:25
  • 3糜正琨.P网络电话技术[M].北京:人民邮电出版社,2800..
  • 4ROSENBERG J, SCHULZRINNE H, CAMARILLO G, et al, SIP: Session Initiation Protocol [ EB/OL ]. http://www. draft-ieff-sip-rfc2543bis-07. txt,SIP WG, Internet Engineering Task Force, February-4, 2002.
  • 5METZGER P, SIMPSON W. IP Authentication using Keyed MD5 [ Z ].RFC 1828,Internet Engineering Task Force, August 1995.
  • 6HANDLEY M. SAP: Session Announcement Protocol [ Z ]. Internet draft, IETF.
  • 7JOHNSTON A,DONOVAN S,SPARKS R, et al .SIP Call Flow Exampies [ EB/OL ]. http://www. draft-ieff-sip-call-flows-05, txt, June.2001.
  • 8ITU-T Rec. H. 323. Packet based multimedia Communication System[S] .Feb 1998.
  • 9FRANKS J, HALLAM-BAKER P, HOSTETLER J, et al. HTIP authentication: Basic and digest access authentication [Z]. Request for Comments 2617, Internet Engineering Task Force,June 1999.
  • 10RIVES R. Tne MD5 Message-Digest Algorithm[Z]. RFC1321, IETF,April 1992.

共引文献352

同被引文献12

  • 1Rosenberg J H, Schulzrinne G, Camarillo A, et al. Session InitiationProtocol[S], RFC 3261,2002.
  • 2Aws Naser Jaber, Chen Wei Tan, Selvakumar Manickam, et al. Ses-sion Initiation Protocol Security; A Brief Review[J]. Journal of Com-puter Science,2012,8 (3) :348 -357.
  • 3Ehlert S,Geneiatakis D,Magedanz T. Survey of network security sys-tems to counter SIP-based denial-of-^rvice attacks[ J]. Computer &Security,2010,29(5) :225 -243.
  • 4Abhishek Kumar, P Shanthi Thilagam, Alwyn R Pais, et al. TowardsEvaluating Resilience of SIP Server under Low Rate DoS Attack [ C ].Communications in Computer and Information Science, 2011, 147(7):336-339.
  • 5Shevtekar A,Stille J,Ansari N. On the impacts of low rate DoS at-tacks on VoIP traffic [ J ]. Security and Communication Networks,2008,1(1) : 45 -56.
  • 6Abhishek Kumar, Sanlhi Tilagam. A Novel Approach for Evaluatingand Detecting Low Rate SIP Flooding Attack[ J]. International Journalof Computer Applications,2011,26( 1) : 31 —36.
  • 7AI Allouni H, Rohiem A E, Hashem M, et al. Voip denial of serviceattacks classification and implementation [ C ] //National Radio ScienceConference (NRSC) , 2009 : 1 - 12.
  • 8Adas A. Traffic models in broadband networks[ J]. IEEE Communica-tions Magazine, 1997,35(7) : 82 -89.
  • 9Chandrasekaran B. Survey of net-work traffic models [ DB/OL ].2009.http://www. cs. wustl. edu/jain/cse56706/ftp/traffic-models3/index, html.
  • 10里波舒尔茨(SeymourLipschutz).概率计算-理论和应用[M].McGRAW-HILL BOOK COMPANY GmbH, 1980.

引证文献1

二级引证文献2

高技术通讯
2008年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部