International Cyber Resilience conference

Document Type

Conference Proceeding


School of Computer and Information Science, Security Research Centre, Edith Cowan University, Perth, Western Australia


Originally published in the Proceedings of the 1st International Cyber Resilience Conference, Edith Cowan University, Perth Western Australia, 23rd August 2010


In recent years Voice over Internet Protocol (VoIP) has become a popular multimedia application over the Internet. At the same time critical security issues in VoIP have started to emerge. The Session Initiation Protocol (SIP) is a predominant signalling protocol for VoIP. It is used to establish, maintain and terminate VoIP calls, playing a crucial role in VoIP. This paper is aimed at developing a Coloured Petri Net (CPN)-based approach to analysing security vulnerabilities in SIP, with the ultimate goal of achieving a formal and comprehensive security assessment of SIP specification, and creating a platform for evaluating countermeasures for securing SIP. In the paper we present a method for modelling the behaviour of SIP and its security threats using CPNs, and discuss suitable techniques for analysing the CPNs for investigating SIP security issues. The CPN models and the analysis techniques will then become the platform for analysing the behavior of SIP that is enhanced with proposed security countermeasures