Assessing the security of VoIP services

被引：6

作者：

Abdelnur, H. ^{[1
]}

State, R. ^{[1
]}

Chrisment, I. ^{[1
]}

Popi, C. ^{[1
]}

机构：

[1] LORIA INRIA Lorraine, 615 Rue Jardin Bot, F-54602 Villers Les Nancy, France

来源：

2007 10TH IFIP/IEEE INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT (IM 2009), VOLS 1 AND 2 | 2007年

关键词：

D O I：

10.1109/INM.2007.374802

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

VoIP networks are in a major deployment phase and are becoming widely spread out due to their extended functionality and cost efficiency. Meanwhile, as VoIP traffic is transported over the Internet, it is the target of a range of attacks that can jeopardize its proper functionality. In this paper we describe our work in a VoIP specific security assessment framework. Such an assessment is automated with integrated discovery actions, data management and security attacks allowing to perform VoIP specific penetration tests. These tests are important because they permit to search and detect existing vulnerabilities or misconfigured devices and services. Our main contributions consist in an elaborated network information model capable to be used in VoIP assessment, an extensible assessment architecture and its implementation, as well as in a comprehensive framework for defining and composing VoIP specific attacks.

引用

页码：373 / +

页数：2

共 21 条

[1]

[Anonymous], COMMON INFORM MODEL

[2]

[Anonymous], NMAP NETWORK MAPPER

[3]

BARROSO D, YERSINIA FRAMEWORK L

[4]

Biondi P., SCAPY PACKET MANIPUL

[5]

DAHL O, 2006, IWIA 06, P157

[6]

*INT TEL UN, H323 INT TEL UN

[7]

JHA RS, 2002, SP 02, P273

[8] A formal approach for passive testing of protocol data portions [J].

Lee, D ;

Chen, DL ;

Hao, RB ;

Miller, RE ;

Wu, JP ;

Yin, X .

10TH IEEE INTERNATIONAL CONFERENCE ON NETWORK PROTOCOLS, PROCEEDINGS, 2002, :122-131

[9]

MCNAB C, 2004, NETWORK SECURITY ASS

[10]

*NESS, VULN SCANN

← 1 2 3 →