X
Xiaohui Yang
Researcher at George Mason University
Publications - 10
Citations - 183
Xiaohui Yang is an academic researcher from George Mason University. The author has contributed to research in topics: Voice over IP & Mobile communications over IP. The author has an hindex of 5, co-authored 10 publications receiving 179 citations.
Papers
More filters
Billing attacks on SIP-based VoIP systems
TL;DR: This paper examines how the vulnerabilities of SIP can be exploited to compromise the reliability and trustworthiness of the billing of the SIP-based VoIP systems and presents four billing attacks on VoIP subscribers that could result in charges on the calls the subscribers have not made or overcharges on the VoIP calls they have made.
Proceedings ArticleDOI
On the feasibility of launching the man-in-the-middle attacks on VoIP from remote attackers
TL;DR: It is demonstrated that a remote attacker who is not initially in the path of VoIP traffic can indeed launch all kinds of MITM attacks on VoIP by exploiting DNS and VoIP implementation vulnerabilities and vulnerabilities of non-VoIP-specific protocols can indeed lead to compromise ofVoIP.
Proceedings ArticleDOI
Voice pharming attack and the trust of VoIP
TL;DR: Investigating the trust issues of currently deployed VoIP systems and their implications to the VoIP users shows that enforcing TLS or IPSEC between the SIP phone and SIP servers could be an effective first step toward mitigation.
Journal ArticleDOI
On the billing vulnerabilities of SIP-based VoIP systems
TL;DR: This paper analyzes several deployed SIP-based VoIP systems, and presents three types of billing attacks: call establishment hijacking, call termination hijacking and call forward hijack, showing that VoIP subscribers of Vonage, AT&T and Gizmo are vulnerable to these billing attacks.
Book ChapterDOI
An Empirical Investigation into the Security of Phone Features in SIP-Based VoIP Systems
TL;DR: Empirically investigated phone features, e.g., 911 call, voicemail, and Do Not Disturb confirm that leading deployed SIP-based VoIP systems have serious security vulnerabilities.