An Analysis of Security Implications in Session Initiation Protocol (SIP)

Voice over IP (VoIP) has become an indispensible part of our life as individuals, organizations, and corporate move from traditional Plain Old Telephony Systems (POTS) to VoIP based systems. This allows the cost to make or receive calls come down drastically while the Total Cost of Ownership (TCO) for managing a PABX also to be reduced. In this research paper, we explore the plausibility of an attacker or hacker exploiting one of the most popular and commonly used VoIP protocol - Session Initiation protocol (SIP). Session Initiation Protocol (SIP) [1] being derived from HTTP has its own share of strengths and weaknesses. While it constitutes the provisioning of critical and business relevant services e.g. IP Telephony, Instant Messaging, Presence, etc., it is vulnerable to well known and not so well known attacks. This research paper identifies and describes security issues significant to SIP protocol that may lead to Denial of Service (DoS) [2], flooding attacks, attacks exploiting vulnerabilities at the application layer and Spam over Internet Telephony (SPIT). In this paper we explore the various security issues pertinent to SIP protocol and diverse ways in which a VoIP system leveraging SIP can be attacked. We also try to explore the most effective methods to thwart or alleviate these attacks.