An Online Risk Management Strategy for VoIP Enterprise Infrastructures

An Online Risk Management Strategy for VoIP Enterprise Infrastructures

Telephony over IP has been widely deployed, supported by the standardization of VoIP signalling and media transfer protocols. This deployment has also led to the emergence of several security threats, including attacks inherited from the IP layer and attacks specific to the application layer. A larg...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of network and systems management 2015-01, Vol.23 (1), p.137-162
Hauptverfasser: Dabbebi, O., Badonnel, R., Festor, O.
Format: Artikel
Sprache:eng
Schlagworte:
Analysis
Communications Engineering
Computer Communication Networks
Computer Science
Computer Systems Organization and Communication Networks
Countermeasures
Information Systems and Communication Service
Infrastructure
Internet telephony
Mathematical models
Military technology
Network security
Networking and Internet Architecture
Networks
Operations Research/Decision Theory
Performance evaluation
Protocol
Quality of service
Risk management
Security
Security management
Servers
Studies
Telephones
Voice
VoIP (protocol)
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Telephony over IP has been widely deployed, supported by the standardization of VoIP signalling and media transfer protocols. This deployment has also led to the emergence of several security threats, including attacks inherited from the IP layer and attacks specific to the application layer. A large variety of security mechanisms has been proposed for addressing them, but these mechanisms may seriously degrade such a critical service. We propose in this paper an online risk management strategy for protecting VoIP infrastructures. The objective is to minimize the network exposure to security attacks while maintaining the quality of service, through the dynamic application of countermeasures. We describe our approach from the formalization of a dedicated risk model to its proof-of-concept implementation into an Asterisk VoIP server. We detail a portfolio of countermeasures and evaluate the performance of our solution with respect to different criteria, including the number of countermeasures, the risk threshold and the size of attack signatures.
ISSN:1064-7570
1573-7705
DOI:10.1007/s10922-013-9282-4