DAML+OIL: An Ontology Language for the Semantic Web
IEEE Intelligent Systems
A framework for protecting a SIP-based infrastructure against malformed message attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Survey of security vulnerabilities in session initiation protocol
IEEE Communications Surveys & Tutorials
OntoSPIT: SPIT management through ontologies
Computer Communications
Ontology-Based Network Management: Study Cases and Lessons Learned
Journal of Network and Systems Management
A Survey of Voice over IP Security Research
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
An ontology-based approach to react to network attacks
International Journal of Information and Computer Security
Design and analysis of SIP-based mobile VPN for real-time applications
IEEE Transactions on Wireless Communications
A first order logic security verification model for SIP
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Basis for an integrated security ontology according to a systematic review of existing proposals
Computer Standards & Interfaces
SIPAD: SIP-VoIP Anomaly Detection using a Stateful Rule Tree
Computer Communications
Hi-index | 0.24 |
Voice over IP (VoIP) services based on the Session Initiation Protocol (SIP) gain ground as compared to other protocols like MGCP or H.323. However, the open SIP architecture constitutes the provided services vulnerable to various attacks, similar to those currently existing in Internet. The lack of a formal way to describe VoIP vulnerabilities hinders the development of tools that could be utilized for identifying such vulnerabilities or for testing the security level of the offered services, in both cases the tools being independent from a specific implementation. This paper introduces such a formalization for SIP-based VoIP services, utilizing ontologies, facilitating an extensible description of known SIP security vulnerabilities that can be employed in a real environment for testing or intrusion detection purposes.