Top

Journal of Network and Systems Management

Published in:

01-01-2015

An Online Risk Management Strategy for VoIP Enterprise Infrastructures

Authors: O. Dabbebi, R. Badonnel, O. Festor

Published in: Journal of Network and Systems Management | Issue 1/2015

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Telephony over IP has been widely deployed, supported by the standardization of VoIP signalling and media transfer protocols. This deployment has also led to the emergence of several security threats, including attacks inherited from the IP layer and attacks specific to the application layer. A large variety of security mechanisms has been proposed for addressing them, but these mechanisms may seriously degrade such a critical service. We propose in this paper an online risk management strategy for protecting VoIP infrastructures. The objective is to minimize the network exposure to security attacks while maintaining the quality of service, through the dynamic application of countermeasures. We describe our approach from the formalization of a dedicated risk model to its proof-of-concept implementation into an Asterisk VoIP server. We detail a portfolio of countermeasures and evaluate the performance of our solution with respect to different criteria, including the number of countermeasures, the risk threshold and the size of attack signatures.

previous article Allocating Compute and Network Resources Under Management Objectives in Large-Scale Clouds

next article A Survey of Methods for Finding Outliers in Wireless Sensor Networks

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Voice over IP.

Session initiation protocol.

Packet switched telephone network.

Internet private branch exchange.

Receiver operating characteristic.

http://www.asterisk.org/.

Asterisk gateway interface.

Dual tone multi-frequency.

voipbot.gforge.inria.fr.

Spam over IP telephony.

http://www.hackingvoip.com/sec_tools.html.

http://warvox.org.

Open vulnerability and assessment language.

Voice over IP Security Alliance: VoIP Security and Privacy Threat Taxonomy. http://www.voipsa.org/Activities/taxonomy.php (2005)

Thermos, P., Takanen, A.: Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures. Addison-Wesley Professional, Reading (2007)

Gehani, A., Kedem, G.: RheoStat: real time risk management. In: Proceedings of the 7th International Symposium on Recent Advances in Intrusion Detection (RAID’04). Springer, Berlin (2004)

Dabbebi, O., Badonnel, R., Festor, O.: A broad-spectrum strategy for runtime risk management in VoIP entreprise architectures. In: Proceedings of the 12th IFIP/IEEE international Symposium on Integrated network Management (IM 2011) (2011)

Nassar, M., Dabbebi, O., Badonnel, R., Festor, O.: Risk management in VoIP architectures using support vector machines. In: Proceedings of the 6th IFIP/IEEE International Conference on Network and Service Management (CNSM’10) (2010)

Dantu, R., Kolan, P., Cangussu, J.W.: Network risk management using attacker profiling. Secur. Commun. Netw. 2(1), 83–96 (2009)CrossRef

Shin, D., Shim, C.: Progressive multi gray-leveling: a voice spam protection algorithm. IEEE Netw. Mag. 20, 18–24 (2006)CrossRef

Bunini, M., Sicari, S.: Assessing the risk of intercepting VoIP calls. Comput. Netw. 52, 2432–2446 (2008)CrossRef

Bedford, T., Cooke, R.: Probabilistic Risk Analysis: Foundations and Methods. Cambridge University Press, Cambridge (2001)CrossRef

10.

d’Heureuse, N., Seedorf, J., Niccolini, S., Ewald, T.: Protecting SIP-based networks and services from unwanted communications. In: Proceedings of the IEEE Global Telecommunications Conference (IEEE GLOBECOM’08) (2008)

11.

ISO/IEC 27005: Information Security Risk Management. http://www.iso.org

12.

Dabbebi, O., Badonnel, R., Festor, O.: Automated runtime risk management for voice over IP networks and services. In: Proceedings of the 12th IEEE/IFIP network operations and management symposium (NOMS 2010) (2010)

13.

Rosenberg, J., Schulzrinne, H.: Registration Hijacking, Section 26.1.1, IETF Request for Comments 3261 (2002)

14.

Dabbebi, O., Badonnel, R., Festor, O.: Econometric feedback for runtime risk management in VoIP architectures. In: Proceedings of the IFIP Conference on Autonomous Infrastructure, Management and Security (IFIP AIMS11) (2011)

15.

Laskov, P., Rieck, K., Schafer, C., mller, K.-R.: Visualization of Anomaly Detection Using Prediction Sensitivity. Sicherheit, Germany (2005)

16.

Chang, C., Lin, C.: LIBSVM: A Library for Support Vector Machines. Software available http://www.csie.ntu.edu.tw/cjlin/libsvm (2001)

17.

Kuhn, D.R., Walsh, T.J., Fries, S.: Security Considerations for Voice Over IP Systems. National Institute of Standards and Technology. http://csrc.nist.gov/publications/ (2005)

18.

Wickboldt, J.A., Bianchin, L.A., Lunardi, R.C., Granville, L.Z., Gaspary, L.P., Bartolini, C.: A framework for risk assessment based on analysis of historical information of workflow execution in IT systems. Comput. Netw. 55(13), 2954–2975 (2011)CrossRef

19.

Keller, A., Hellerstein, J.L., Wolf, J.L., Wu, K.L., Krishnan, V.: The CHAMPS system: change management with planning and scheduling. In: Proceedings of the IEEE/IFIP network operations and management symposium (NOMS’04) (2004)

20.

Hagen, S., da Costa Cordeiro, W.L., Gaspary, L.P., Granville, L.Z., Seibold, M., Kemper, A.: Planning in the large: efficient generation of IT change plans on large infrastructures. In: Proceedings of the 8th IEEE International Conference on Network and Service Management (IEEE CNSM’12) (2012)

21.

Becker, S., State, R., Engel, T.: Using game theory to configure P2P SIP. In: Proceedings of the 3rd International Conference on Principles, Systems and Applications of IP Telecommunications (IPTComm09) (2009)

22.

Olsson, T.: Assessing security risk to a network using a statistical model of attacker community competence. In: Proceedings of the Eleventh International Conference on Information and Communications Security (ICICS 2009), p. 17. Beijing, China, (2009)

23.

Dabbebi, O., Badonnel, R., Festor, O.: Dynamic exposure control in P2PSIP networks. In: Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS’12) (2012)

24.

Quittek, J., Niccolini, S., Tartarelli, S., Stiemerling, M., Brunner, M., Ewald, T.: Detecting SPIT Calls by checking human communication patterns. In: IEEE International Conference on Communications (ICC 2007) (2007)

25.

Schlegel, R., Niccolini, S., Tartarelli, S., Brunner, M.: Spam over internet telephony (SPIT) prevention framework. In: Proceedings of the IEEE Global Communications Conference (IEEE GLOBECOM’06), San Francisco, USA (2006)

26.

Quinten, V.M., van de Meent, R., Pras, A.: Analysis of techniques for protection against spam over internet telephony . In: Proceedings of 13th Open European Summer School EUNICE 2007 (2007)

27.

Chapelle, O., Vapnik, V., Bousquet, O., Mukherjee, S.: Choosing multiple parameters for support vector machines. J. Mach. Learn. 46(1), 131–159 (2002)CrossRefMATH

28.

Hellerstein, J., Diao, Y., Parekh, S., Tilbury, D.: Feedback Control of Computing Systems. Wiley, New York (2004)CrossRef

29.

Grossman, L.: Computer Literacy Tests: Are You Human? Times Magazine, New York (2008)

Title: An Online Risk Management Strategy for VoIP Enterprise Infrastructures
Authors: O. Dabbebi
R. Badonnel
O. Festor
Publication date: 01-01-2015
Publisher: Springer US
Published in: Journal of Network and Systems Management / Issue 1/2015
Print ISSN: 1064-7570
Electronic ISSN: 1573-7705
DOI: https://doi.org/10.1007/s10922-013-9282-4

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2015

On the Performance of the Spotify Backend

Distributed Schemes for Routing Table Management in Next Generation Routers

Measuring Cloud Service Health Using NetFlow/IPFIX: The WikiLeaks Case

Dynamic Tree Switching for Distributed Message-Passing Applications

A Report on the 1st NMRG Workshop on Large Scale Network Measurements

Acknowledgment to Reviewers

Premium Partner