Abstract
The use of IP networks for telephony applications (VoIP) is becoming increasingly popular, mainly due to its advantages in terms of communication and multimedia services. This fact may also shift several problems from the Internet context, such as spam, which - in the VoIP case - has been identified as SPIT. In this paper, we propose an abstract model for describing SPIT attack strategies by incorporating the underlying threats and vulnerabilities of the VoIP technology regarding SPIT phenomenon. Our model is mainly focused on the signaling part of VoIP sessions (i.e. the SIP protocol), and it is based on the representation of attacks through attack graphs and attack trees. We also demonstrate how this model could be used for the development of a set of reusable attack scenarios (patterns), with an eye towards the development of a SPIT Detection System.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Rosenberg, J., et al.: Session Initiation Protocol (SIP), RFC 3261 (June 2002)
Schulzrinne, H., Casner, S., Frederick, R., Jacobson, V.: RTP: A Transport Protocol for Real-Time Applications, RFC 1889, IETF (January 1996)
Rosenberg, J., Jennings, C.: The Session Initiation Protocol and Spam, draft-ietf-sipping-spam-03 (October 2006)
Marias, J., Dritsas, S., Theoharidou, M., Mallios, J., Gritzalis, D.: SIP vulnerabilities and anti-SPIT mechanisms assessment. In: Proc. of the 16th IEEE International Conference on Computer Communications and Networks (IC3N 2007). IEEE Press, Los Alamitos (2007)
Dritsas, S., Mallios, J., Theoharidou, M., Marias, G., Gritzalis, D.: Threat analysis of the Session Initiation Protocol regarding spam. In: Proc. of the 3rd IEEE International Workshop on Information Assurance (WIA 2007), pp. 426–433. IEEE Press, Los Alamitos (2007)
Mehta, V., Bartzis, C., Zhu, H., Clarke, E., Wing, J.: Ranking Attack Graphs. In: Proc. of Recent Advances in Intrusion Detection, pp. 127–144. Springer, Germany (2006)
Jha, S., Sheyner, O., Wing, J.: Two Formal Analyses of Attack Graphs. In: Proc. of the 15th IEEE Computer Security Foundations Workshop, pp. 49–63. IEEE Press, Los Alamitos (2002)
Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006)
Dantu, R., Loper, K., Kolan, P.: Risk Management Using Behavior Based Attack Graphs. In: Proc. of the IEEE International Conference on Information Technology (ITCC), pp. 445–450. IEEE Press, Las Vegas (2004)
Ning, P., Xu, D.: Learning attack strategies from intrusion alerts. In: Proc. of the 10th ACM Conference on Computer and Communication Security, pp. 200–209. ACM Press, New York (2003)
Schneier, B.: Attack trees: Modeling security threats. Dr. Dobb’s Journal (December 1999)
Wang, L., Noel, S., Jajodia, S.: Minimum-Cost Network Hardening Using Attack Graphs. Computer Communications 29(18), 3812–3824 (2006)
Opel, A.: Design and Implementation of a Support Tool for Attack Trees, Internship Thesis, Otto-von-Guericke University Magdeburg (March 2005)
Steffan, J., Schumacher, M.: Collaborative Attack Modeling. In: Proc. of the 2002 ACM Symposium on Applied Computing, pp. 253–259. ACM Press, New York (2002)
Helmer, G., Wong, J., Slagell, M., Honavar, V., Miller, L.: A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System. In: Proc. of the ACM Symposium on Requirements Engineering for Information Security, USA (2001)
Kotapati, K., Liu, P., LaPorta, T.: CAT - A Practical Graph and SDL Based Toolkit for Vulnerability Assessment of 3G Networks. In: Proc. of the 21st IFIP International Information Security Conference (SEC 2006), May 2006, pp. 158–170. Springer, Sweden (2006)
Sheyner, O., Wing, J.: Tools for Generating and Analyzing Attack Graphs. In: Proc. of the Workshop on Formal Methods for Components and Objects. LNCS, pp. 344–371. Springer, The Neterlands (2004)
Moore, A., Ellison, R., Linger, R.: Attack modeling for information security and survivabil, Software Engineering Institute Technical Report CMU/SEI-2001 (2001)
Vigna, G., Eckmann, S., Kemmerer, R.: Attack Languages. In: Proc. of the IEEE Information Survivability Workshop, pp. 163–166. IEEE Press, Los Alamitos (2000)
VOIPSA, VoIP Security and Privacy Threat Taxonomy (October 2005), www.voipsa.org/Activities/taxonomy.php
El Sawda, S., Urien, P.: SIP Security Attacks and Solutions: A state-of-the-art review. In: Proc. of IEEE International Conference on Information & Communication Technologies: From Theory to Applications (ICTTA 2006), Syria, April 2006, vol. 2, pp. 3187–3191 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mallios, J., Dritsas, S., Tsoumas, B., Gritzalis, D. (2008). Attack Modeling of SIP-Oriented SPIT. In: Lopez, J., Hämmerli, B.M. (eds) Critical Information Infrastructures Security. CRITIS 2007. Lecture Notes in Computer Science, vol 5141. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89173-4_25
Download citation
DOI: https://doi.org/10.1007/978-3-540-89173-4_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89095-9
Online ISBN: 978-3-540-89173-4
eBook Packages: Computer ScienceComputer Science (R0)