Session Initiation Protocol (SIP) [ROS 02] is an application layer signaling protocol for establishing, modifying, and terminating multimedia sessions between participants over an IP data network. It is an application layer protocol that works in conjunction with other application layer protocols to control multimedia communication sessions over the Internet.Before moving further, let us first understand a few points about VoIP.VOIP is a technology that allows you to deliver voice and multimedia (videos, pictures) content over the Internet. Standards preceding SIP, for establishing communication sessions over IP, include ITU-T H.323, ITU-T H.245, and ITU-T H.225. Some commands and responses of SIP and their use are illustrated in In the architecture, SIP defines a number of logical entities including user agent, redirect server, proxy server, registrar, and location service. We'll send you an email containing your password. An endpoint can be a smartphone, a laptop, or any device that can receive and send multimedia content over the Internet.SIP is an application layer protocol defined by IETF (Internet Engineering Task Force) standard. It is also text-based, so anyone can read a SIP message passed between the endpoints in a SIP session. Many extensions of SIP are being proposed and are under discussion. It is defined in SIP embodies client-server architecture and the use of URL and URI from SIP takes the help of SDP (Session Description Protocol) which describes a session and RTP (Real Time Transport Protocol) used for delivering voice and video over IP network.SIP can be used for two-party (unicast) or multiparty (multicast) sessions.Other SIP applications include file transfer, instant messaging, video conferencing, online games, and steaming multimedia distribution.Basically SIP is an application layer protocol.
Some advantages of VOIP include − 1. The SIP server returns the destination address to the originator of the call, who then signals the SIP client.End points or UAs represent phone devices or software modems. SIP can be used to initiate a session that uses some other conference control protocol.
SIP was designed in 1996 and approved by the Internet Engineering Task Force (IETF). SIP servers can operate in a proxy mode or redirect mode:In the proxy mode, the server intercepts messages from the end points, inspects their To: field, contacts the location server to resolve the username into an address, and forwards the message to the appropriate end point or another server.
A third-party attacker can thus observe the parameters of an eavesdropped INVITE message, and then insert a BYE request into the session.
In SIP, each user is uniquely identified by an SIP universal resource indicator, which is used as the identifier to address the called user when the sending session initiation requests. Specifies Microsoft extensions to the Session Initiation Protocol (SIP), as specified in [RFC3261], which is used by terminals to establish, modify, and terminate multimedia sessions or calls. Attackers can also try to deplete storage resources of the registrar by creating a huge number of bindings.Authentication is particularly difficult to achieve in SIP, because there are a number of intermediate elements such as proxies that possibly modify the contents of a message before it reaches the desired destination.
A DDoS allows a single network user to cause multiple network hosts to flood the target host. Just as for HTTP, all requests and responses use textual encoding for SIP. This introduces some valid scalability concerns, especially for intensive cipher suites. At the other end of the spectrum, Secure/Multipurpose Internet Mail Extensions (S/MIME) can be implemented to encrypt data directly within SIP messages. The Session Initiation Protocol (SIP) working group is chartered to maintain and continue the development of SIP, currently specified as proposed standard RFC 3261, and its family of extensions.