SecSIP: a protective environment for the voice on SIP

Add to my library

IN130 V1 Research and innovation

SecSIP: a protective environment for the voice on SIP

Authors : Adelkader LAHMADI, Olivier FESTOR

Publication date: February 10, 2011 | Lire en français

Add to my library Add to my library

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

Overview

ABSTRACT

SecSIP is a framework dedicated to the protection of SIP-based services against attacks, based upon implementation or specification vulnerabilities. SecSIP relies on stateful objects which track data involved in the occurrence of a vulnerability and/or in its exploitation and applies appropriate counter-measures. In order to specify these protection rules, SecSIP has its own domain-specific language, VeTo. This language can also associate a context to any protection rule against a particular vulnerability targeting a specific SIP device.

Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.

Read the article

AUTHORS

  • Adelkader LAHMADI : Doctorate in Computer Science - Lecturer at the École nationale supérieure d'électricité et de mécanique (ENSEM), an engineering school of the Institut nationale polytechnique de Lorraine - Member of the MADYNES research team at LORIA

  • Olivier FESTOR : Doctorate in Computer Science - Director of Research at the French National Institute for Research in Computer Science and Control (INRIA) - Head of the MADYNES team at the INRIA Nancy-Grand Est research center and at LORIA

 INTRODUCTION

Summary

SecSIP is an environment dedicated to protecting SIP protocol-based services against the exploitation of implementation or specification vulnerabilities to carry out attacks against these systems. It relies on a state model to identify the events involved in the occurrence and/or exploitation of a vulnerability. Based on the inferred automata, the environment applies appropriate countermeasures against a target. SecSIP has a specific language, called VeTo, for specifying protection rules. This language also makes it possible to associate a context with any protection against a particular vulnerability targeting a device in a SIP network.

Abstract

SecSIP is a framework dedicated to the protection of SIP-based services against attacks emerging from the exploitation of implementation or specification vulnerabilities. SecSIP relies on a stateful model to track advanced protocol event sequences in vulnerability exploitation and describes the counter-measures to prevent exploitation. SecSIP offers a domain-specific language, called VeTo, to specify the protection rules. The language also allows to associate a context to each protection rule against the exploitation of a vulnerability targeting a specific SIP device.

Keywords

SIP, VoIP, security, vulnerabilities, Firewall

Keywords

SIP, VoIP, Security, Vulnerabilities, Firewall

Key points

Field: IP network security techniques

Degree of technology diffusion: Emergence | Growth | Maturity

Technologies involved : Voice over IP, SIP, Firewall

Areas of application :

Main French players :

Competence centers: INRIA, INPL

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?


Ongoing reading
SecSIP: a protective environment for the voice on SIP

Article included in this offer

"Networks and Telecommunications"

( 174 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Contenus associés

Sur le même sujet

Veille personnalisée : Inscrivez-vous !

Dans les ressources documentaires

Sécurité IPv6 - Adressage et auto-configuration

Le protocole IPv6 définit de nouveaux types d'adresses ayant des propriétés utiles pour la sécurité. IPv6...

Sécurité des systèmes embarqués

Les systèmes embarqués sont omniprésents dans nos sociétés modernes. Ils sont complexes car ils regroupen...

Protocole SIP

Le protocole normalisé SIP, Session Initiation Protocol, est dédié à la signalisation d'appel. il a été n...

Technologies VPN

Cet article présente succinctement les principales topologies et technologies utilisées pour mettre en pl...

Tous les livres blancs
Article Blockchain : entre buzz word et réalité
7 March 2019
Blockchain : entre buzz word et réalité

La Blockchain pourrait « révolutionner » différents secteurs d’activité et en particulier tous les intermédiaires de « confiance ». Mais attention au battage mé...

Article La blockchain à la rescousse de l'IoT
29 October 2019
La blockchain à la rescousse de l'IoT

L\'IoT est un secteur en forte croissance. Les objets connectés se multiplient dans des proportions abyssales. Et les problèmes de sécurité également. La blockc...

Toutes les actualités
Contact us