An ontology description for SIP security flaws

13 years 7 months ago
An ontology description for SIP security flaws
— Voice over IP (VoIP) services based on the Session Initiation Protocol (SIP) gain ground as compared to other protocols like MGCP or H.323. However, the open SIP architecture constitutes the provided services vulnerable to various attacks, similar to those currently existing in Internet. The lack of a formal way to describe VoIP vulnerabilities hinders the development of tools that could be utilized for identifying such vulnerabilities or for testing the security level of the offered services, in both cases the tools being independent from a specific implementation. This paper introduces such a formalization for SIP-based VoIP services, utilizing ontologies, facilitating an extensible description of known SIP security vulnerabilities that can be employed in a real environment for testing or intrusion detection purposes.
Dimitris Geneiatakis, Costas Lambrinoudakis
Added 18 Dec 2010
Updated 18 Dec 2010
Type Journal
Year 2007
Authors Dimitris Geneiatakis, Costas Lambrinoudakis
Comments (0)