Artemisa: An Open-Source Honeypot Back-End to Support Security in VoIP Domains
Context-aware computing, Web servers, Computer crimes, Computer networks--Security measures, Free computer software, Open source software
Computer Engineering | Computer Sciences | Electrical and Computer Engineering
Voice over IP (VoIP) and the Session Initiation Protocol (SIP) are establishing themselves as strong players in the field of multimedia communications over IP, leveraged by low cost services and easy management. Nevertheless, the security aspects are not yet fully mastered. In this paper we present an open-source implementation of a VoIP SIP-specific honeypot named Artemisa. The honeypot is designed to connect to a VoIP enterprise domain as a back-end user-agent in order to detect malicious activity at an early stage. Moreover, the honeypot can play a role in the real-time adjustment of the security policies of the enterprise domain where it is deployed. We aim, by this contribution, to encourage the deployment of such honeypots at large scale and the collection of attack traces. We test the capacity of the honeypot to handle a series of known SIP attacks and present results from diverse scenarios.
do Carmo, Rodrigo; Nassar, Mohamed; and Festor, Olivier, "Artemisa: An Open-Source Honeypot Back-End to Support Security in VoIP Domains" (2011). Electrical & Computer Engineering and Computer Science Faculty Publications. 109.
R. do Carmo, M. Nassar and O. Festor, "Artemisa: An open-source honeypot back-end to support security in VoIP domains," 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, 2011, pp. 361-368, doi: 10.1109/INM.2011.5990712.