Analysis of SIP security Ashwini Sanap (006312787) Deepti Agashe (006331234)

Agenda
- Introduction
- SIP Entities and messages
- Security Mechanism
- Security Attacks
- Conclusion

Introduction
- Session Initiation Protocol (SIP)
- Application Layer Signaling Protocol
- Create, Terminate and Manage Session
- Similar to HTTP (Request/Response)
- SIP Identity (URI)

SIP Entities and Messages

Security Mechanisms
SIP Security:
- Application Layer: HTTP Basic Authentication, Secure MIME, HTTP Digest Authentication
- Transport Layer: TLS
- Network Layer: IPSec

Digest Authentication
- Challenge based Authentication
- Encryption not provided
- Confidentiality lost

Secure MIME
- Multipurpose Internet Mail Extension
- End to End security
- Encrypts MIME body using public key of receiver
- PK Exchanged thru Certificates
- Entity Authentication

Transport Layer Security (TLS)
- TCP->TLS
- SIPS (Similar to HTTPS)
- SIPS ensures parameters passed securely
- SRTP ensures media is also secured
- SIPS+SRTP = Protection

IPSec
- Network Layer Security
- Hop by Hop
- Creates VPN between sites
- Provides Encryption (DES, IDEA), Authentication and Integrity (MD5, SHA)

SIP Based network attacks: Registration Hijacking
- Authenticate originators of requests
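An added example, not part of the original slides: a registrar-side check that combines the Digest Authentication slide with the "authenticate originators of requests" countermeasure for registration hijacking. It assumes RFC 2617 digest with MD5 and no qop; the realm example.test, the users, passwords, nonces and the helper names are all constructed for illustration.

```python
import hashlib, hmac, re

def h(s):  # MD5 hex digest, the hash RFC 2617 digest authentication uses
    return hashlib.md5(s.encode()).hexdigest()

def digest_response(user, realm, password, method, uri, nonce):
    # response = MD5(HA1:nonce:HA2); the password itself never crosses the wire
    ha1 = h(f"{user}:{realm}:{password}")
    ha2 = h(f"{method}:{uri}")
    return h(f"{ha1}:{nonce}:{ha2}")

def build_register(aor_user, auth_user, password, nonce, realm="example.test"):
    # Constructed sample REGISTER; headers stay readable because digest does not encrypt
    uri = f"sip:{realm}"
    resp = digest_response(auth_user, realm, password, "REGISTER", uri, nonce)
    return (f"REGISTER {uri} SIP/2.0\r\n"
            f"To: <sip:{aor_user}@{realm}>\r\n"
            f"Contact: <sip:{aor_user}@192.0.2.10>\r\n"
            f'Authorization: Digest username="{auth_user}", realm="{realm}", '
            f'nonce="{nonce}", uri="{uri}", response="{resp}"\r\n\r\n')

def verify_register(msg, realm, passwords, issued_nonces):
    lines = msg.split("\r\n\r\n", 1)[0].split("\r\n")
    method, uri, _ = lines[0].split(" ", 2)
    hdr = {k.strip().lower(): v.strip()
           for k, _, v in (l.partition(":") for l in lines[1:])}
    scheme, _, params = hdr.get("authorization", "").partition(" ")
    if scheme.lower() != "digest":
        return "reject: no digest credentials"
    a = dict(re.findall(r'(\w+)="([^"]*)"', params))
    user, nonce = a.get("username"), a.get("nonce")
    if user not in passwords or a.get("realm") != realm or a.get("uri") != uri:
        return "reject: unknown user, realm or uri"
    if nonce not in issued_nonces:
        return "reject: nonce not issued by this registrar"
    expected = digest_response(user, realm, passwords[user], method, uri, nonce)
    if not hmac.compare_digest(expected.encode(), a.get("response", "").encode()):
        return "reject: bad response"
    # Hijack check: the authenticated user may only bind contacts for its own address
    to = re.search(r"sip:([^@>]+)@", hdr.get("to", ""))
    if not to or to.group(1) != user:
        return "reject: authenticated user may not register this address"
    issued_nonces.discard(nonce)  # single use, so a captured REGISTER cannot be replayed
    return "accept"
```

A valid password alone is not enough here: the registrar also ties the authenticated username to the address in the To header and retires each nonce after one use.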

SIP Based network attacks: Session Hijacking

SIP Based network attacks: Impersonating a Server

SIP Based network attacks: Tearing Down Sessions

SIP Based network attacks: Other attacks include:
- Tampering with Message Bodies
- Denial of Service and Amplification
- Bots and DDOS Attacks

Conclusion
- SIP is expected to be the future VoIP protocol of choice.
- Use SIP-optimized firewalls, which both support use of standards-based security and provide the best possible protection where system-wide standards-based security is not possible.