Voice Over IP (VoIP) or telephony services over Internet announces a new revolution in the telecommunication world for its management simplicity and cost reduction. VoIP security extends the existent risk range of IP protocols and infrastructures and introduces new attacks as well. Threats identification and standardization, secure signaling and media architectures, as well as intrusion detection and prevention mechanisms are currently under debate in the research community. We propose in this article a SIP (Session Initiation Protocol) specific honeypot. We describe its design and implementation. We detail the inference mechanism which classifies the received messages. We show how the model investigates about a received call and raises an appropriate conclusion.