A first order logic security verification model for SIP

Authors:
Dimitris Geneiatakis;Costas Lambrinoudakis;Georgios Kambourakis;Aggelos Kafkalas;Sven Ehlert
Affiliations:
Department of Information and Communications Systems Engineering, University of the Aegean, Karlovassi, Greece;Department of Information and Communications Systems Engineering, University of the Aegean, Karlovassi, Greece;Department of Information and Communications Systems Engineering, University of the Aegean, Karlovassi, Greece;Department of Information and Communications Systems Engineering, University of the Aegean, Karlovassi, Greece;Fraunhofer FOKUS, Berlin, Germany
Venue:
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Year:
2009

Citing 13
Cited 0

Voice over IP

Communications of the ACM - Internet abuse in the workplace and Game engines in scientific research
IP Telephony: Deploying Voice-over-IP Protocols

IP Telephony: Deploying Voice-over-IP Protocols
Providing Response Identity and Authentication in IP Telephony

ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
An ontology description for SIP security flaws

Computer Communications
A framework for protecting a SIP-based infrastructure against malformed message attacks

Computer Networks: The International Journal of Computer and Telecommunications Networking
Security Attack Testing (SAT)-testing the security of information systems at design time

Information Systems
VoIP defender: highly scalable SIP-based security architecture

Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Denial of service attack and prevention on SIP VoIP infrastructures using DNS flooding

Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Detecting VoIP Floods Using the Hellinger Distance

IEEE Transactions on Parallel and Distributed Systems
Firewall conformance testing

TestCom'05 Proceedings of the 17th IFIP TC6/WG 6.1 international conference on Testing of Communicating Systems
A test calculus framework applied to network security policies

FATES'06/RV'06 Proceedings of the First combined international conference on Formal Approaches to Software Testing and Runtime Verification
Survey of security vulnerabilities in session initiation protocol

IEEE Communications Surveys & Tutorials
Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms

IEEE Network: The Magazine of Global Internetworking

Quantified Score

Hi-index	0.00

Visualization

Abstract

It is well known that no security mechanism can provide full protection against a potential attack. There is always a possibility that a security incident may happen, mainly as a result of a new or modified attack that the employed countermeasures cannot handle or identify. It is therefore useful to perform a deferred analysis of logged network data, in an attempt to identify abnormal behavior/traffic that flags some type of security incident that has not been detected by the security countermeasures. Such an analysis of logged data for critical real time applications, like VoIP services, is certainly a valuable tool for enhancing the security level of the provided service. In this paper we introduce a practical tool that can be employed for the analysis of logged VoIP data and thus validate the effectiveness of the security mechanisms and the conformance with the corresponding security policy rules. For the analysis of the data we capitalize on our security model for VoIP services [25] that is based on First Order Logic concepts, while the Protégé API and the Semantic Web Rule Language (SWRL) are also exploited. The proposed tool has been evaluated in terms of an experimental environment, while the results obtained confirm the validity of its operation and demonstrate its effectiveness.