Model-checking DoS amplification for VoIP session initiation

Ravinder Shankesi; Musab Alturki; Ralf Sasse; Carl A. Gunter; José Meseguer

doi:10.1007/978-3-642-04444-1_24

Model-checking DoS amplification for VoIP session initiation

Ravinder Shankesi, Musab Alturki, Ralf Sasse, Carl A. Gunter, José Meseguer

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Current techniques for the formal modeling analysis of DoS attacks do not adequately deal with amplification attacks that may target a complex distributed system as a whole rather than a specific server. Such threats have emerged for important applications such as the VoIP Session Initiation Protocol (SIP). We demonstrate a model-checking technique for finding amplification threats using a strategy we call measure checking that checks for a quantitative assessment of attacker impact using term rewriting. We illustrate the effectiveness of this technique with a study of SIP. In particular, we show how to automatically find known attacks and verify that proposed patches for these attacks achieve their aim. Beyond this, we demonstrate a new amplification attack based on the compromise of one or more SIP proxies. We show how to address this threat with a protocol change and formally analyze the effectiveness of the new protocol against amplification attacks.

Original language	English (US)
Title of host publication	Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings
Pages	390-405
Number of pages	16
DOIs	https://doi.org/10.1007/978-3-642-04444-1_24
State	Published - 2009
Event	14th European Symposium on Research in Computer Security, ESORICS 2009 - Saint-Malo, France Duration: Sep 21 2009 → Sep 23 2009

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5789 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	14th European Symposium on Research in Computer Security, ESORICS 2009
Country/Territory	France
City	Saint-Malo
Period	9/21/09 → 9/23/09

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Online availability

10.1007/978-3-642-04444-1_24

Library availability

Discover UIUC Full Text

Cite this

Shankesi, R., Alturki, M., Sasse, R., Gunter, C. A., & Meseguer, J. (2009). Model-checking DoS amplification for VoIP session initiation. In Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings (pp. 390-405). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5789 LNCS). https://doi.org/10.1007/978-3-642-04444-1_24

Model-checking DoS amplification for VoIP session initiation. / Shankesi, Ravinder; Alturki, Musab; Sasse, Ralf et al.
Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings. 2009. p. 390-405 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5789 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Shankesi, R, Alturki, M, Sasse, R, Gunter, CA & Meseguer, J 2009, Model-checking DoS amplification for VoIP session initiation. in Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5789 LNCS, pp. 390-405, 14th European Symposium on Research in Computer Security, ESORICS 2009, Saint-Malo, France, 9/21/09. https://doi.org/10.1007/978-3-642-04444-1_24

Shankesi R, Alturki M, Sasse R, Gunter CA , Meseguer J. Model-checking DoS amplification for VoIP session initiation. In Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings. 2009. p. 390-405. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-04444-1_24

Shankesi, Ravinder ; Alturki, Musab ; Sasse, Ralf et al. / Model-checking DoS amplification for VoIP session initiation. Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings. 2009. pp. 390-405 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{0d7c9b4a08054137bfd74f605312a656,

title = "Model-checking DoS amplification for VoIP session initiation",

abstract = "Current techniques for the formal modeling analysis of DoS attacks do not adequately deal with amplification attacks that may target a complex distributed system as a whole rather than a specific server. Such threats have emerged for important applications such as the VoIP Session Initiation Protocol (SIP). We demonstrate a model-checking technique for finding amplification threats using a strategy we call measure checking that checks for a quantitative assessment of attacker impact using term rewriting. We illustrate the effectiveness of this technique with a study of SIP. In particular, we show how to automatically find known attacks and verify that proposed patches for these attacks achieve their aim. Beyond this, we demonstrate a new amplification attack based on the compromise of one or more SIP proxies. We show how to address this threat with a protocol change and formally analyze the effectiveness of the new protocol against amplification attacks.",

author = "Ravinder Shankesi and Musab Alturki and Ralf Sasse and Gunter, {Carl A.} and Jos{\'e} Meseguer",

year = "2009",

doi = "10.1007/978-3-642-04444-1_24",

language = "English (US)",

isbn = "3642044433",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "390--405",

booktitle = "Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings",

note = "14th European Symposium on Research in Computer Security, ESORICS 2009 ; Conference date: 21-09-2009 Through 23-09-2009",

}

TY - GEN

T1 - Model-checking DoS amplification for VoIP session initiation

AU - Shankesi, Ravinder

AU - Alturki, Musab

AU - Sasse, Ralf

AU - Gunter, Carl A.

AU - Meseguer, José

PY - 2009

Y1 - 2009

N2 - Current techniques for the formal modeling analysis of DoS attacks do not adequately deal with amplification attacks that may target a complex distributed system as a whole rather than a specific server. Such threats have emerged for important applications such as the VoIP Session Initiation Protocol (SIP). We demonstrate a model-checking technique for finding amplification threats using a strategy we call measure checking that checks for a quantitative assessment of attacker impact using term rewriting. We illustrate the effectiveness of this technique with a study of SIP. In particular, we show how to automatically find known attacks and verify that proposed patches for these attacks achieve their aim. Beyond this, we demonstrate a new amplification attack based on the compromise of one or more SIP proxies. We show how to address this threat with a protocol change and formally analyze the effectiveness of the new protocol against amplification attacks.

AB - Current techniques for the formal modeling analysis of DoS attacks do not adequately deal with amplification attacks that may target a complex distributed system as a whole rather than a specific server. Such threats have emerged for important applications such as the VoIP Session Initiation Protocol (SIP). We demonstrate a model-checking technique for finding amplification threats using a strategy we call measure checking that checks for a quantitative assessment of attacker impact using term rewriting. We illustrate the effectiveness of this technique with a study of SIP. In particular, we show how to automatically find known attacks and verify that proposed patches for these attacks achieve their aim. Beyond this, we demonstrate a new amplification attack based on the compromise of one or more SIP proxies. We show how to address this threat with a protocol change and formally analyze the effectiveness of the new protocol against amplification attacks.

UR - http://www.scopus.com/inward/record.url?scp=70350376882&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70350376882&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-04444-1_24

DO - 10.1007/978-3-642-04444-1_24

M3 - Conference contribution

AN - SCOPUS:70350376882

SN - 3642044433

SN - 9783642044434

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 390

EP - 405

BT - Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings

T2 - 14th European Symposium on Research in Computer Security, ESORICS 2009

Y2 - 21 September 2009 through 23 September 2009

ER -

Model-checking DoS amplification for VoIP session initiation

Abstract

Publication series

Other

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this