Holistic VoIP Intrusion Detection and Prevention System

Document Type


Publication Date


Subject: LCSH

Internet telephony, TCP/IP (Computer network protocol), Intrusion detection systems (Computer security)


Computer Engineering | Computer Sciences | Electrical and Computer Engineering


VoIP security is crucial for current and future networks and services. The rapid shift from a closed and confined telephony towards an all IP network supporting end to end VoIP services provides major challenges to the security plane. Faced with multiple attack vectors, new and comprehensive defensive security solutions for VoIP must emerge from the research community.

This paper describes a multilayer intrusion detection and prevention system architecture for VoIP infrastructures. The key components of the approach are based on a VoIP-specific honeypot and on an application layer event correlation engine. While each component alone can detect only a subset of VoIP-specific attacks, the two of them together can provide an effective defense for the many class of attacks. We show in this paper, how different and complementary conceptual approaches can jointly provide an in depth defense for VoIP architectures.


Article is part of the IPTComm '07: Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, New York City New York July 19 - 20, 2007.



Check your library