Vulnerability analysis on Mobile VoIP supplementary services and MITM attack

摘要

Mobile VoIP(mVoIP) is to provide Voice based telephony service using wired/wireless network on Smartphone. We can use several kinds of mVoIP services on smartphone such as the Supplementary Service registration / release process, coloring, call forwarding, absence guide, three-way calling, and simultaneous receipt. But the smartphone based mVoIP services are vulnerable to security threat because SIP protocol used on mVoIP phones can be easily tampered sending or receiving packets and therefore we can find several problems on sender authentication process. Therefore, we analysis the vulnerability of existing mVoIP based telephony services on smartphone and propose a possible attack on existing mVoIP services.