{"id":"https://openalex.org/W2108239450","doi":"https://doi.org/10.1109/mnet.2006.1705877","title":"Information leak vulnerabilities in SIP implementations","display_name":"Information leak vulnerabilities in SIP implementations","publication_year":2006,"publication_date":"2006-09-01","ids":{"openalex":"https://openalex.org/W2108239450","doi":"https://doi.org/10.1109/mnet.2006.1705877","mag":"2108239450"},"language":"en","primary_location":{"id":"doi:10.1109/mnet.2006.1705877","is_oa":false,"landing_page_url":"https://doi.org/10.1109/mnet.2006.1705877","pdf_url":null,"source":{"id":"https://openalex.org/S186584794","display_name":"IEEE Network","issn_l":"0890-8044","issn":["0890-8044","1558-156X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Network","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100609883","display_name":"Hong Yan","orcid":"https://orcid.org/0000-0003-1585-5047"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Hong Yan","raw_affiliation_strings":["Carnegie Mellon University, USA"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, USA","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100323388","display_name":"Hui Zhang","orcid":"https://orcid.org/0000-0001-9473-8468"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hui Zhang","raw_affiliation_strings":["Carnegie Mellon University, USA"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, USA","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053455655","display_name":"Kunwadee Sripanidkulchai","orcid":"https://orcid.org/0000-0001-8109-1351"},"institutions":[{"id":"https://openalex.org/I14316845","display_name":"National Electronics and Computer Technology Center","ror":"https://ror.org/04z82ry91","country_code":"TH","type":"government","lineage":["https://openalex.org/I1332092204","https://openalex.org/I14316845"]}],"countries":["TH"],"is_corresponding":false,"raw_author_name":"K. Sripanidkulchai","raw_affiliation_strings":["NECTEC, Thailand"],"affiliations":[{"raw_affiliation_string":"NECTEC, Thailand","institution_ids":["https://openalex.org/I14316845"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082169032","display_name":"Zon\u2010Yin Shae","orcid":"https://orcid.org/0000-0003-1709-5416"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zon-Yin Shae","raw_affiliation_strings":["IBM T. J. Watson Research, USA"],"affiliations":[{"raw_affiliation_string":"IBM T. J. Watson Research, USA","institution_ids":[]}]},{"author_position":"last","author":{"id":null,"display_name":"Debanjan Sah","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Debanjan Sah","raw_affiliation_strings":["IBM T. J. Watson Research, USA"],"affiliations":[{"raw_affiliation_string":"IBM T. J. Watson Research, USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5100609883"],"corresponding_institution_ids":["https://openalex.org/I74973139"],"apc_list":null,"apc_paid":null,"fwci":1.1465,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.80185088,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":"20","issue":"5","first_page":"6","last_page":"13"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7968555688858032},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.7633283734321594},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7574822902679443},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.6838328242301941},{"id":"https://openalex.org/keywords/voice-over-ip","display_name":"Voice over IP","score":0.6544007658958435},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5183182954788208},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4631947875022888},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.457253634929657},{"id":"https://openalex.org/keywords/block","display_name":"Block (permutation group theory)","score":0.45115339756011963},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4299767017364502},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.1900174617767334},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.18446573615074158},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.1297565996646881}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7968555688858032},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.7633283734321594},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7574822902679443},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.6838328242301941},{"id":"https://openalex.org/C171246234","wikidata":"https://www.wikidata.org/wiki/Q81945","display_name":"Voice over IP","level":3,"score":0.6544007658958435},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5183182954788208},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4631947875022888},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.457253634929657},{"id":"https://openalex.org/C2777210771","wikidata":"https://www.wikidata.org/wiki/Q4927124","display_name":"Block (permutation group theory)","level":2,"score":0.45115339756011963},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4299767017364502},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.1900174617767334},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.18446573615074158},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.1297565996646881},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/mnet.2006.1705877","is_oa":false,"landing_page_url":"https://doi.org/10.1109/mnet.2006.1705877","pdf_url":null,"source":{"id":"https://openalex.org/S186584794","display_name":"IEEE Network","issn_l":"0890-8044","issn":["0890-8044","1558-156X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Network","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6100000143051147}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W24626785","https://openalex.org/W1484534956","https://openalex.org/W2289700367","https://openalex.org/W4242138061","https://openalex.org/W6696172813"],"related_works":["https://openalex.org/W2084179496","https://openalex.org/W2770234245","https://openalex.org/W2103238357","https://openalex.org/W2741704743","https://openalex.org/W96612179","https://openalex.org/W2262810789","https://openalex.org/W4386482731","https://openalex.org/W4386040921","https://openalex.org/W4229499248","https://openalex.org/W2749819919"],"abstract_inverted_index":{"The":[0],"use":[1],"of":[2,18,32,38,45,54,68,152],"VoIP":[3],"as":[4,160,168],"a":[5,74,138,156,169],"cheaper":[6],"communications":[7],"alternative":[8],"is":[9,29,71,119],"growing":[10],"at":[11],"an":[12],"astronomical":[13],"rate.":[14],"However,":[15],"potential":[16],"abuse":[17],"the":[19,30,36,85,88,95],"technology":[20],"may":[21],"hinder":[22],"its":[23,80],"deployment.":[24],"One":[25,62],"key":[26],"security":[27,158],"concern":[28,159],"exploitation":[31],"implementation":[33],"vulnerabilities":[34,70],"in":[35,98],"form":[37],"unauthorized":[39],"access,":[40],"worms,":[41],"viruses,":[42],"and":[43,136,146,176],"denial":[44],"service":[46],"attacks,":[47],"particularly":[48],"when":[49,108],"combined":[50],"with":[51],"explicit":[52],"targeting":[53],"implementations":[55],"that":[56,106,143],"are":[57],"known":[58],"to":[59,64,123,132,172],"be":[60,163],"vulnerable.":[61],"way":[63],"protect":[65],"from":[66],"exploitations":[67],"implementation-specific":[69],"\"security-by-obscurity\"":[72],"where":[73],"SIP":[75,89,99,109,134,148,174],"device":[76],"does":[77,91],"not":[78,92,112],"reveal":[79],"specific":[81],"software":[82,96,115],"version.":[83],"For":[84],"same":[86],"reason,":[87],"standard":[90],"encourage":[93],"announcing":[94],"version":[97,116],"messages.":[100],"In":[101],"this":[102],"article":[103],"we":[104,129],"show":[105],"even":[107],"messages":[110],"do":[111],"explicitly":[113],"contain":[114],"information,":[117],"there":[118],"sufficient":[120],"information":[121,153],"leak":[122,154],"determine":[124],"it.":[125],"To":[126],"demonstrate":[127],"this,":[128],"introduce":[130],"techniques":[131],"fingerprint":[133],"devices":[135,175],"develop":[137],"fingerprinting":[139],"tool":[140],"called":[141],"SIPProbe":[142],"collects":[144],"fingerprints":[145],"identifies":[147],"implementations.":[149],"This":[150],"type":[151],"presents":[155],"new":[157],"it":[161],"can":[162],"used":[164],"by":[165],"malicious":[166],"users":[167],"building":[170],"block":[171],"scan":[173],"launch":[177],"attacks":[178]},"counts_by_year":[{"year":2018,"cited_by_count":1}],"updated_date":"2026-03-25T23:56:10.502304","created_date":"2025-10-10T00:00:00"}