Tampering THE SQL code INJECTION attack

− As Internet Telephony and Voice over IP (VoIP) are considered advanced Internet applications/services, they are vulnerable to attacks existing in Internet applications/services. For instance HTTP digest authentication attacks, malformed messages, message tampering with malicious code, SQL injection and more, can be launched against any Internet application/service. In this paper, we describe, analyze and demonstrate the inheritance of message tampering attacks, focusing on SQL injection, in the SIP protocol. This type of attack has been successfully launched in Internet environments, with very little cost, effort and specialized knowledge. However, in the context of the SIP protocol, no works or research efforts are reported until now. The paper provides an in-depth analysis of SQL injection in SIP realms, discussing implementation details, constraints and possibilities for the attacker. In addition, we provide some indicative experimental results by triggering this style of attack against a properly designed SIP-based testbed environment. Finally, specific countermeasures, remedies and new signature-oriented framework are suggested for identifying and counter fight against this attack.