Abstract
The IP Multimedia Subsystem (IMS) infrastructure is currently considered to be the main core of Next Generation Networks (NGNs), integrating IP and other network types under one common infrastructure. Consequently, IMS inherits security flaws and vulnerabilities residing in all those technologies. Besides, the protection against unauthorized access in NGN services is of great importance. In this paper we present a call conference room interception attack and we propose a new cross layer architecture to shield IMS against it.
Chapter PDF
Similar content being viewed by others
References
Rosenberg, J., Schulzrinne, H., Camarillo, G., et al.: RFC 3261: SIP: Session Initiation Protocol (2002)
I. T. Union: H323 Packet Based Multimedia Communications Systems, Telecommunication Standardization Sector of ITU (1998)
3GPP, TS 23.228: IP Multimedia Subsystems (IMS), Third Generation Partnership Project, Technical Specification Group Services and System Aspects (2008)
Geneiatakis, D., Dagiouklas, A., Kambourakis, G., et al.: Survey of security vulnerabilities in Session Initiation Protocol. IEEE Communications Surveys and Tutorials 8, 68–81 (2006)
Sisalem, D., Kuthan, J., Ehlert, S., et al.: Denial of Service Attacks Targeting a SIP VoIP Infrastructure: Attack Scenarios and Prevention Mechanisms. IEEE Network 20(5), 26 (2006)
Geneiatakis, D., Lambrinoudakis, C.: A lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment. Telecommunication Systems 36(4), 153–159 (2007)
Ramsdell, B.: RFC 2633: S/MIME version 3 message specification (1999)
3GPP, TS 33.203: 3G security; Access security for IP-based services (Release 9), Third Generation Partnership Project, Technical Specification Group Services and System Aspects (2009)
3GPP, TS 24.229: IP Multimedia Call Control Based on SIP and SDP, Techincal Specification Group Core Network and Terminals (2009)
3GPP, TR 33.978 Security aspects of early IP Multimedia Subsystem (IMS), Third Generation Partnership Project, Technical Specification Group Services and System Aspects (2008)
ETSI, TS 187 003: Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN): Security Architecture (2008)
Sparks, R.: RFC 3515: The Session Initiation Protocol (SIP) Refer Method (2003)
Johnston, A.B.: SIP: Understanding the Session Initiation Protocol. Artech House (2004)
Klein, A.: BIND 9 DNS cache poisoning, http://www.trusteer.com/docs/bind9dns.html
Zhang, R., Wang, X., Farley, R., et al.: On the feasibility of launching the man-in-the-middle attacks on VoIP from remote attackers, pp. 61–69
Wagner, R.: Address resolution protocol spoofing and man-in-the-middle attacks. The SANS Institute (2001)
3GPP, TS 24.147: Conferencing using the IP Multimedia (IM) Core Network (CN) subsystem, Technical Specification Group Core Network and Terminals (2009)
Kent, S., Atkinson, R.: RFC 2401: Security Architecture for the Internet Protocol. Network Working Group (1998)
Dierks, T., Allen, C.: RFC 2246: The TLS Protocol Version 1.0, RFC Editor (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vrakas, N., Geneiatakis, D., Lambrinoudakis, C. (2010). A Call Conference Room Interception Attack and Its Detection. In: Katsikas, S., Lopez, J., Soriano, M. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2010. Lecture Notes in Computer Science, vol 6264. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15152-1_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-15152-1_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15151-4
Online ISBN: 978-3-642-15152-1
eBook Packages: Computer ScienceComputer Science (R0)