Title :
SecSip: A stateful firewall for SIP-based networks
Author :
Lahmadi, Abdelkader ; Festor, Olivier
Author_Institution :
Grand Est Res. Center, INRIA Nancy, Villers-Les-Nancy, France
Abstract :
SIP-based networks are becoming the de-facto standard for voice, video and instant messaging services. Being exposed to many threats while playing an major role in the operation of essential services, the need for dedicated security management approaches is rapidly increasing. In this paper we present an original security management approach based on a specific vulnerability aware SIP stateful firewall. Through known attack descriptions, we illustrate the power of the configuration language of the firewall which uses the capability to specify stateful objects that track data from multiple SIP elements within their lifetime. We demonstrate through measurements on a real implementation of the firewall its efficiency and performance.
Keywords :
Internet telephony; authorisation; protocols; SIP-based networks; SecSip; instant messaging services; security management; session initiation protocol; stateful firewall; voice over IP; Computer crime; Data security; Environmental management; Internet telephony; Message service; Protection; Protocols; Safety devices; Web and internet services; Wire; Firewall; SIP; Security; VoIP;
Conference_Titel :
Integrated Network Management, 2009. IM '09. IFIP/IEEE International Symposium on
Conference_Location :
Long Island, NY
Print_ISBN :
978-1-4244-3486-2
Electronic_ISBN :
978-1-4244-3487-9
DOI :
10.1109/INM.2009.5188807
