Links

Publications

·                Sisalem, D, Kuthan, J, Ehlert. S. "Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms", IEEE Network, Vol 20, Issue 5, 2006

·                Geneiatakis, D. Dagiuklas, T. Kambourakis, G. Lambrinoudakis, C. Gritzalis, K., Ehlert, S. Sisalem, D, Survey of security vulnerabilities in session initiation protocol, IEEE Communications Surveys & Tutorials, Vol 8, Issue 3, 2006

·                Kambourakis G., Geneiatakis D., Gritzalis S., Dagiuklas T, and Lambrinoudakis C, "Security and Privacy issues towards ENUM protocol", Proceedings of ISSPIT'05 in Athens, Greece, December 2005, (PDF, 32 KB)

·                Geneiatakis D., Kambourakis G., Lambrinoudakis C, Dagiuklas T, and Gritzalis S.,  "SIP Message Tampering: THE SQL code INJECTION attack", Proceedings of 13th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2005) IEEE, September 2005, Split, Croatia, (PDF, 255 KB)

·                Geneiatakis D., Kambourakis G., Dagiuklas T., Lambrinoudakis C. and Gritzalis S.,  "A Framework for Detecting Malformed Messages in SIP Networks", Proceedings of 14th IEEE Workshop on Local and Metropolitan Area Networks (LANMAN), September 2005, Chania-Crete, Greece, (PDF, 60 KB)

·                Geneiatakis D., Kambourakis G., Dagiuklas T., Lambrinoudakis C. and Gritzalis S., "SIP Security Mechanisms: A state-of-the-art review", in the Proceedings of the Fifth International Network Conference (INC 2005) pages 147-155, July 2005, Samos,  Greece, (PDF, 190 KB)

·                Y. Rebahi, D. Sisalem, "SIP Service Providers and the Spam Problem" in the Voice over IP Secuity Workshop Proceedings, June 2005, Washington, USA (PDF, 177 KB)

Deliverables

The first public Technical Report, titled "Towards a Secure and Reliable VoIP Infrastructure"

(PDF, 1.6 MB)

The second public Technical Report, titled "General Reliability and Security Framework for VoIP Infrasrucrures", (PDF, 1.1 MB)

Download

Here you can find rules for the Intrusion Detection System Snort that can be installed at Bastion host in a VoIP architecture. These rules have been developed to detect several DoS attacks, including INVITE / REGISTER flooding and SQL injection attacks.

sip-rules.zip