An Online Risk Management Strategy for VoIP Enterprise Infrastructures

Oussema Dabbebi 1 Rémi Badonnel 1 Olivier Festor 1
1 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Telephony over IP has been widely deployed, supported by the standardization of VoIP signalling and media transfer protocols. This deployment has also led to the emergence of several security threats, including attacks inherited from the IP layer and attacks specific to the application layer. A large variety of security mechanisms has been proposed for addressing them, but these mechanisms may seriously degrade such a critical service. We propose in this paper an online risk management strategy for protecting VoIP infrastructures. The objective is to minimize the network exposure to security attacks while maintaining the quality of service, through the dynamic application of countermeasures. We describe our approach from the formalization of a dedicated risk model to its proof-of-concept implementation into an Asterisk VoIP server. We detail a portfolio of counter- measures and evaluate the performance of our solution with respect to different criteria, including the number of countermeasures, the risk threshold and the size of attack signatures.
Type de document :
Article dans une revue
Journal of Network and Systems Management, Springer Verlag, 2015, Journal of Network and System Management, pp.26. 〈http://link.springer.com/article/10.1007/s10922-013-9282-4〉. 〈10.1007/s10922-013-9282-4〉
Liste complète des métadonnées

https://hal.inria.fr/hal-00875133
Contributeur : Rémi Badonnel <>
Soumis le : lundi 21 octobre 2013 - 11:31:17
Dernière modification le : mardi 20 mars 2018 - 19:19:09

Identifiants

Collections

Citation

Oussema Dabbebi, Rémi Badonnel, Olivier Festor. An Online Risk Management Strategy for VoIP Enterprise Infrastructures. Journal of Network and Systems Management, Springer Verlag, 2015, Journal of Network and System Management, pp.26. 〈http://link.springer.com/article/10.1007/s10922-013-9282-4〉. 〈10.1007/s10922-013-9282-4〉. 〈hal-00875133〉

Partager

Métriques

Consultations de la notice

309