Article | REF: IN130 V1

SecSIP: a protective environment for the voice on SIP

Authors: Adelkader LAHMADI, Olivier FESTOR

Publication date: February 10, 2011

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!


Overview

Français

ABSTRACT

SecSIP is a framework dedicated to the protection of SIP-based services against attacks, based upon implementation or specification vulnerabilities. SecSIP relies on stateful objects which track data involved in the occurrence of a vulnerability and/or in its exploitation and applies appropriate counter-measures. In order to specify these protection rules, SecSIP has its own domain-specific language, VeTo. This language can also associate a context to any protection rule against a particular vulnerability targeting a specific SIP device.

Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.

Read the article

AUTHORS

  • Adelkader LAHMADI: Doctorate in Computer Science - Lecturer at the École nationale supérieure d'électricité et de mécanique (ENSEM), an engineering school of the Institut nationale polytechnique de Lorraine - Member of the MADYNES research team at LORIA

  • Olivier FESTOR: Doctorate in Computer Science - Director of Research at the French National Institute for Research in Computer Science and Control (INRIA) - Head of the MADYNES team at the INRIA Nancy-Grand Est research center and at LORIA

 INTRODUCTION

Summary

SecSIP is an environment dedicated to protecting SIP protocol-based services against the exploitation of implementation or specification vulnerabilities to carry out attacks against these systems. It relies on a state model to identify the events involved in the occurrence and/or exploitation of a vulnerability. Based on the inferred automata, the environment applies appropriate countermeasures against a target. SecSIP has a specific language, called VeTo, for specifying protection rules. This language also makes it possible to associate a context with any protection against a particular vulnerability targeting a device in a SIP network.

Abstract

SecSIP is a framework dedicated to the protection of SIP-based services against attacks emerging from the exploitation of implementation or specification vulnerabilities. SecSIP relies on a stateful model to track advanced protocol event sequences in vulnerability exploitation and describes the counter-measures to prevent exploitation. SecSIP offers a domain-specific language, called VeTo, to specify the protection rules. The language also allows to associate a context to each protection rule against the exploitation of a vulnerability targeting a specific SIP device.

Keywords

SIP, VoIP, security, vulnerabilities, Firewall

Keywords

SIP, VoIP, Security, Vulnerabilities, Firewall

Key points

Field: IP network security techniques

Degree of technology diffusion: Emergence | Growth | Maturity

Technologies involved : Voice over IP, SIP, Firewall

Areas of application :

Main French players :

Competence centers: INRIA, INPL

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!


The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors
+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year
From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Networks and Telecommunications

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
SecSIP: a protective environment for voice over IP