A Framework for Automated Exploit Prevention from Known Vulnerabilities in Voice Over IP Services - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Article Dans Une Revue IEEE Transactions on Network and Service Management Année : 2012

A Framework for Automated Exploit Prevention from Known Vulnerabilities in Voice Over IP Services

Résumé

We propose a prevention system for SIP-based networks which adopts a rule-based approach to build prevention specifications on SIP protocol activities that stop attacks exploiting an existing vulnerability before reaching their targets. Our approach innovates from existing solutions by making use of the contextual information of a vulnerability targeted by an attack to apply the prevention specification. Manually coding these prevention specifications is tedious and error-prone. Our method automatically infers prevention specifications by analyzing captured SIP exploit traffic. The detection engine uses an efficient method based on event graphs to match protocol activities against available prevention specifications. We describe the different components of our approach and show through an extended performance study of the implemented system its applicability to enterprise level VoIP protection.
Fichier principal
Vignette du fichier
etnsm_lahmadi.pdf (749.52 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-00746977 , version 1 (30-10-2012)

Identifiants

Citer

Abdelkader Lahmadi, Olivier Festor. A Framework for Automated Exploit Prevention from Known Vulnerabilities in Voice Over IP Services. IEEE Transactions on Network and Service Management, 2012, 9 (2), pp.114-127. ⟨10.1109/TNSM.2012.011812.110125⟩. ⟨hal-00746977⟩
230 Consultations
292 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More