Artemisa: An Open-Source Honeypot Back-End to Support Security in VoIP Domains

Document Type

Article

Publication Date

2011

Subject: LCSH

Context-aware computing, Web servers, Computer crimes, Computer networks--Security measures, Free computer software, Open source software

Disciplines

Computer Engineering | Computer Sciences | Electrical and Computer Engineering

Abstract

Voice over IP (VoIP) and the Session Initiation Protocol (SIP) are establishing themselves as strong players in the field of multimedia communications over IP, leveraged by low cost services and easy management. Nevertheless, the security aspects are not yet fully mastered. In this paper we present an open-source implementation of a VoIP SIP-specific honeypot named Artemisa. The honeypot is designed to connect to a VoIP enterprise domain as a back-end user-agent in order to detect malicious activity at an early stage. Moreover, the honeypot can play a role in the real-time adjustment of the security policies of the enterprise domain where it is deployed. We aim, by this contribution, to encourage the deployment of such honeypots at large scale and the collection of attack traces. We test the capacity of the honeypot to handle a series of known SIP attacks and present results from diverse scenarios.

Comments

Article is part of the conference proceeding, IFIP/IEEE International Symposium on Integrated Network Management, 12th, Dublin, 23-27 May 2011.

University of New Haven Community can access the full-text through our IEEE Xplore Electronic Library database.

DOI

10.1109/INM.2011.5990712

Publisher Citation

R. do Carmo, M. Nassar and O. Festor, "Artemisa: An open-source honeypot back-end to support security in VoIP domains," 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, 2011, pp. 361-368, doi: 10.1109/INM.2011.5990712.

Link to Full Text

Check your library

Share

COinS