Assessing the security of VoIP Services

Author

Abdelnur, H. ; State, R. ; Chrisment, I. ; Popi, C.

Author_Institution

LORIA, Villers-les-Nancy

fYear

2007

fDate

May 21 2007-Yearly 25 2007

Firstpage

373

Lastpage

382

Abstract

VoIP networks are in a major deployment phase and are becoming widely spread out due to their extended functionality and cast efficiency. Meanwhile, as VoIP traffic is transported over the Internet, it is the target of a range of attacks that can jeopardize its proper functionality. In this paper we describe our work in a VoIP specific security assessment framework. Such an assessment is automated with integrated discovery actions, data management and security attacks allowing to perform VoIP specific penetration tests. These tests are important because they permit to search and detect existing vulnerabilities or misconflgured devices and services. Our main contributions consist in an elaborated network information model capable to be used in VoIP assessment, an extensible assessment architecture and its implementation, as well as in a comprehensive framework for defining and composing VoIP specific attacks.

Keywords

Internet telephony; telecommunication security; telecommunication traffic; Internet; VOIP network traffic; VOIP service security assessment framework; data management; Automatic testing; Computer crime; Cost function; Data security; IP networks; Information security; Internet telephony; Performance evaluation; Protocols; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Integrated Network Management, 2007. IM '07. 10th IFIP/IEEE International Symposium on

Conference_Location

Munich

Print_ISBN

1-4244-0798-2

Electronic_ISBN

1-4244-0799-0

Type

conf

DOI

10.1109/INM.2007.374802

Filename

4258554