Presentation is loading. Please wait.

Presentation is loading. Please wait.

Analysis of SIP security Ashwini Sanap (006312787) Deepti Agashe (006331234)

Published byMilo Lee Modified over 8 years ago

Similar presentations

Presentation on theme: "Analysis of SIP security Ashwini Sanap (006312787) Deepti Agashe (006331234)"— Presentation transcript:

1 Analysis of SIP security Ashwini Sanap (006312787) Deepti Agashe (006331234)

2 Agenda Introduction SIP Entities and messages Security Mechanism Security Attacks Conclusion

3 Introduction Session Initiation Protocol (SIP) Application Layer Signaling Protocol Create, Terminate and Manage Session Similar to HTTP (Request/Response) SIP Identity (URI)

4 SIP Entities and Messages

5 Security Mechanisms SIP Security Application Layer HTTP Basic Authentication Secure MIME HTTP Digest Authentication Transport Layer TLS Network Layer IPSec

6 Digest Authentication Challenge based Authentication Encryption not provided Confidentiality lost

7 Secure MIME Multipurpose Internet Mail Extension End to End security Encrypts MIME body using public key of receiver PK Exchanged thru Certificates Entity Authentication

8 Transport Layer Security (TLS) TCP->TLS SIPS (Similar to HTTPS) SIPS ensures parameters passed securely SRTP ensures media is also secured SIPS+SRTP = Protection

9 IPSec Network Layer Security Hop by Hop Creates VPN between sites Provides Encryption (DES,IDEA), Authentication and Integrity(MD5, SHA)

10 SIP Based network attacks Registration Hijacking  Authenticate originators of requests

11 SIP Based network attacks Session Hijacking

12 SIP Based network attacks Impersonating a Server

13 SIP Based network attacks : Tearing Down Sessions

14 SIP Based network attacks : Other attacks include :  Tampering with Message Bodies  Denial of Service and Amplification  Bots and DDOS Attacks

15 Conclusion SIP is expected to be the future VoIP protocol of choice. Use SIP-optimized firewalls, which both support use of standards-based security and provide the best possible protection where system-wide standards-based security is not possible.

16

Download ppt "Analysis of SIP security Ashwini Sanap (006312787) Deepti Agashe (006331234)"

Similar presentations

The leader in session border control for trusted, first class interactive communications.

The leader in session border control for trusted, first class interactive communications.
Presence, Security and Privacy. www.dynamicsoft.com VON 3.20. 01 The Current Environment Many Faces of Security Authentication Verify someone is who they.

Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Lecture 6: Web security: SSL

Lecture 6: Web security: SSL
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
The study and demonstration on SIP security vulnerabilities Mahidhar Penigi Vamsi Krishna Karnati.

The study and demonstration on SIP security vulnerabilities Mahidhar Penigi Vamsi Krishna Karnati.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.

SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.
Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug 2013 - scotthel.me.

Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug scotthel.me.
An Overview of SIP Security Dr. Samir Chatterjee Network Convergence Lab Claremont Graduate University

An Overview of SIP Security Dr. Samir Chatterjee Network Convergence Lab Claremont Graduate University
1 Kommunikatsiooniteenuste arendus IRT0080 Loeng 5 Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.

1 Kommunikatsiooniteenuste arendus IRT0080 Loeng 5 Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.
SIP Security Issues: The SIP Authentication Procedure and its Processing Load Stefano Salsano, DIE — Universit à di Roma “ Tor Vergata ” Luca Veltri, and.

SIP Security Issues: The SIP Authentication Procedure and its Processing Load Stefano Salsano, DIE — Universit à di Roma “ Tor Vergata ” Luca Veltri, and.

Similar presentations

Ads by Google