Testing Dialog-Verification of SIP Phones With Single-Message Denial-of-Service Attacks

Source: NEC Laboratories

The authors tested several SIP implementations against simple yet effective DoS CANCEL and BYE attacks using forged dialog IDs. Their results are worrying: a majority of the softphones they tested, as well as two hardphones with unpatched firmware, are vulnerable, allowing attackers to prevent or prematurely end VoIP sessions. The results further illustrate the weakness of current SIP implementations, and the authors are continuing to investigate these and related vulnerabilities. As part of these efforts, they are currently developing a tool to enable quick discovery of perhaps even more serious flaws.
Format: PDF Size: 938.60
Date: Apr 2008