SESSION INITIATION PROTOCOL (SIP) ENABLED SECURITY FOR VOICE OVER INTERNET PROTOCOL (VoIP) APPLICATION

Abstract

multimedia sessions or calls over the IP network. SIP is currently receiving much attention and seems to be the most promising candidate as the signaling protocol for current and future Voice over Internet Protocol (VoIP) services. SIP is a relatively new protocol and the security mechanisms are not robust and fully tested, therefore it is vulnerable to registration hijacking, call hijacking, tampering of messages, tearing down of sessions, and denial of service attacks. The objective of this thesis is to develop a tool and evaluate the security mechanisms proposed for SIP. The aim of using this tool is to get security suggestions for SIP implementations before their large-scale deployment, so that customers and service providers can reduce the loss from attacks to the SIP framework. The security mechanisms for SIP are outlined and its vulnerabilities are analyzed. The design and implementation of this tool is described. Security tests were performed and the results show that this tool is . able to identify the vulnerabilities and security holes of SIP implementations, and also is able to provide suggestions for improving SIP security. JAVA is used in development of the proposed tool and runs on windows platform.