Proceedings of the 2002 ACM symposium on Applied computing
Two Formal Analys s of Attack Graphs
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Learning attack strategies from intrusion alerts
Proceedings of the 10th ACM conference on Computer and communications security
Risk Management using Behavior based Attack Graphs
ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Minimum-cost network hardening using attack graphs
Computer Communications
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
An Adaptive Policy-Based Approach to SPIT Management
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
OntoSPIT: SPIT management through ontologies
Computer Communications
| Hi-index | 0.00 |
The use of IP networks for telephony applications (VoIP) is becoming increasingly popular, mainly due to its advantages in terms of communication and multimedia services. This fact may also shift several problems from the Internet context, such as spam, which - in the VoIP case - has been identified as SPIT. In this paper, we propose an abstract model for describing SPIT attack strategies by incorporating the underlying threats and vulnerabilities of the VoIP technology regarding SPIT phenomenon. Our model is mainly focused on the signaling part of VoIP sessions (i.e. the SIP protocol), and it is based on the representation of attacks through attack graphs and attack trees. We also demonstrate how this model could be used for the development of a set of reusable attack scenarios (patterns), with an eye towards the development of a SPIT Detection System.