Title

Holistic VoIP Intrusion Detection and Prevention System

Document Type

Article

Publication Date

2007

Subject: LCSH

Internet telephony, TCP/IP (Computer network protocol), Intrusion detection systems (Computer security)

Disciplines

Computer Engineering | Computer Sciences | Electrical and Computer Engineering

Abstract

VoIP security is crucial for current and future networks and services. The rapid shift from a closed and confined telephony towards an all IP network supporting end to end VoIP services provides major challenges to the security plane. Faced with multiple attack vectors, new and comprehensive defensive security solutions for VoIP must emerge from the research community.

This paper describes a multilayer intrusion detection and prevention system architecture for VoIP infrastructures. The key components of the approach are based on a VoIP-specific honeypot and on an application layer event correlation engine. While each component alone can detect only a subset of VoIP-specific attacks, the two of them together can provide an effective defense for the many class of attacks. We show in this paper, how different and complementary conceptual approaches can jointly provide an in depth defense for VoIP architectures.

Comments

Article is part of the IPTComm '07: Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, New York City New York July 19 - 20, 2007.

DOI

10.1145/1326304.1326306

Check your library

Share

COinS