Holistic VoIP Intrusion Detection and Prevention System
Author URLs
Document Type
Article
Publication Date
2007
Subject: LCSH
Internet telephony, TCP/IP (Computer network protocol), Intrusion detection systems (Computer security)
Disciplines
Computer Engineering | Computer Sciences | Electrical and Computer Engineering
Abstract
VoIP security is crucial for current and future networks and services. The rapid shift from a closed and confined telephony towards an all IP network supporting end to end VoIP services provides major challenges to the security plane. Faced with multiple attack vectors, new and comprehensive defensive security solutions for VoIP must emerge from the research community.
This paper describes a multilayer intrusion detection and prevention system architecture for VoIP infrastructures. The key components of the approach are based on a VoIP-specific honeypot and on an application layer event correlation engine. While each component alone can detect only a subset of VoIP-specific attacks, the two of them together can provide an effective defense for the many class of attacks. We show in this paper, how different and complementary conceptual approaches can jointly provide an in depth defense for VoIP architectures.
DOI
10.1145/1326304.1326306
Repository Citation
Nassar, Mohamed; Niccolini, Saverio; State, Radu; and Ewald, Thilo, "Holistic VoIP Intrusion Detection and Prevention System" (2007). Electrical & Computer Engineering and Computer Science Faculty Publications. 106.
https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/106
Comments
Article is part of the IPTComm '07: Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, New York City New York July 19 - 20, 2007.