Journal of Network and Systems Management, Volume 23, Issue 1, pp 137–162

An Online Risk Management Strategy for VoIP Enterprise Infrastructures

  • O. Dabbebi
  • R. Badonnel
  • O. Festor

Abstract

Telephony over IP has been widely deployed, supported by the standardization of VoIP signalling and media transfer protocols. This deployment has also led to the emergence of several security threats, including attacks inherited from the IP layer and attacks specific to the application layer. A large variety of security mechanisms has been proposed for addressing them, but these mechanisms may seriously degrade such a critical service. We propose in this paper an online risk management strategy for protecting VoIP infrastructures. The objective is to minimize the network exposure to security attacks while maintaining the quality of service, through the dynamic application of countermeasures. We describe our approach from the formalization of a dedicated risk model to its proof-of-concept implementation into an Asterisk VoIP server. We detail a portfolio of countermeasures and evaluate the performance of our solution with respect to different criteria, including the number of countermeasures, the risk threshold and the size of attack signatures.

Keywords

IP telephony, Security management, Risk mitigation, SIP protocol

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  1. INRIA Nancy Grand Est, LORIA, University of Lorraine, Lorraine, France
