CAP-SIP-Guard: Alerting for 5G Edge IoT Authentication-Hijacking in Heterogeneous Autonomous Systems

Abstract

This paper describes CAP-SIP-Guard, a time-sensitive lightweight SIP-based alerting system for the edge IoT network. The framework encapsulates Common Alerting Protocol (CAP) objects in SIP NOTIFY/PUBLISH messages using Internet Key Exchange version 2 (IKEv2). Micro-certificates provide zero-trust onboarding and end-to-end assurance, in-band methods for authentication hijacking detection. A 20-node Vehicular IoT testbed across Wi-Fi 6E, LTE-Advanced, and 5G NR evaluates SIP processing delay, CAP alert delivery, and detection under REGISTER spoofing, re-INVITE bursts, and nonce replay. CAP-SIP-Guard achieves 46 ms median SIP processing with 10 vehicles and <30 ms edge CAP propagation, 98 % detection with < 2 % false positive. SIP alert latency drops 31 % and authenticated throughput improves 2.4× relative to TLS-SIP and DTLS-CoAP baselines. These results indicate CAP-enhanced SIP with adaptive prediction provide a secure, real-time control plane for heterogeneous, latency-sensitive IoT.