In Internet telephony, there must be a means by which new services are created and deployed rapidly. In the World Wide Web, the Common Gateway Interface (CGI) has served as popular means towards programming web services. Due to the similarities between the Session Initiation Protocol (SIP) and the Hyper Text Transfer Protocol (HTTP), CGI seems a good candidate for service creation in a SIP envi...

Session Initiation Protocol (SIP) was standardized for real-time applications and extended to support terminal mobility by Internet Expert Task Force (IETF). However, SIP terminal mobility suffers from the considerable handoff latency which is unsuitable for the real-time communications. In this paper, we propose Predictive Address Reservation with SIP (PAR-SIP) which decreases handoff delay by...

The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Ini...

IMS(IP Multimedia Subsystem) network uses SIP (Session Initiation Protocol) as its core control protocol. The defensive ability of the malformed SIP message is particularly important for IMS network security. In this paper, we propose a malformed SIP generation method based on SIP parsing mode and the associated attack testing method. Based on SIP parsing mode of functional entities in IMS, we ...

Session Initiation Protocol (SIP) is an application layer protocol responsible for creating, modifying, and terminating a session. It is used to establish calls through networks via IP protocol. Nowadays, SIP has been used by many embedded systems, however, due to its large size, some constrained systems cannot use it. This paper aims at adapting the protocol to be used in resource-constrained ...

This document describes some specifics that apply when Signaling Compression (SigComp) is applied to the Session Initiation Protocol (SIP), such as default minimum values of SigComp parameters, compartment and state management, and a few issues on SigComp over TCP. Any implementation of SigComp for use with SIP must conform to this document and SigComp, and in addition, support the SIP and Sess...

The session initiation protocol (SIP) is a powerful signaling protocol that controls communication on the Internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of mobile and ubiquitous computing. In 2009, Tsai proposed an authenticated key agreement scheme as an enhancement to SIP. Very recently, Arshad et al....

The Session Inititation Protocol (SIP) "Replaces" Header draft-ietf-sip-replaces-04.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents ...

The 3rd Generation Partnership Project (3GPP) will use the Session Initiation Protocol (SIP) as a session signalling protocol in the IP Multimedia Subsystem (IMS) of next generation UMTS systems. Certain nodes on the signalling layer have to process a large number of SIP messages. This paper introduces a concept for efficient SIP message routing and user assignment. The SIP Message Overflow Rou...

Recently, Tsai proposed an efficient nonce-based authentication scheme for session initiation protocol (T-SIP for short). However, the author shall show that T-SIP is vulnerable to perfect forward secrecy, password guessing attacks, and insider attacks.