Overview
ABSTRACT
SecSIP is a framework dedicated to the protection of SIP-based services against attacks, based upon implementation or specification vulnerabilities. SecSIP relies on stateful objects which track data involved in the occurrence of a vulnerability and/or in its exploitation and applies appropriate counter-measures. In order to specify these protection rules, SecSIP has its own domain-specific language, VeTo. This language can also associate a context to any protection rule against a particular vulnerability targeting a specific SIP device.
Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.
Read the articleAUTHORS
-
Adelkader LAHMADI: Doctorate in Computer Science - Lecturer at the École nationale supérieure d'électricité et de mécanique (ENSEM), an engineering school of the Institut nationale polytechnique de Lorraine - Member of the MADYNES research team at LORIA
-
Olivier FESTOR: Doctorate in Computer Science - Director of Research at the French National Institute for Research in Computer Science and Control (INRIA) - Head of the MADYNES team at the INRIA Nancy-Grand Est research center and at LORIA
INTRODUCTION
SecSIP is an environment dedicated to protecting SIP protocol-based services against the exploitation of implementation or specification vulnerabilities to carry out attacks against these systems. It relies on a state model to identify the events involved in the occurrence and/or exploitation of a vulnerability. Based on the inferred automata, the environment applies appropriate countermeasures against a target. SecSIP has a specific language, called VeTo, for specifying protection rules. This language also makes it possible to associate a context with any protection against a particular vulnerability targeting a device in a SIP network.
SecSIP is a framework dedicated to the protection of SIP-based services against attacks emerging from the exploitation of implementation or specification vulnerabilities. SecSIP relies on a stateful model to track advanced protocol event sequences in vulnerability exploitation and describes the counter-measures to prevent exploitation. SecSIP offers a domain-specific language, called VeTo, to specify the protection rules. The language also allows to associate a context to each protection rule against the exploitation of a vulnerability targeting a specific SIP device.
SIP, VoIP, security, vulnerabilities, Firewall
SIP, VoIP, Security, Vulnerabilities, Firewall
Field: IP network security techniques
Degree of technology diffusion: Emergence | Growth | Maturity
Technologies involved : Voice over IP, SIP, Firewall
Areas of application :
Main French players :
Competence centers: INRIA, INPL
The Ultimate Scientific and Technical Reference
CAN BE ALSO FOUND IN:
This article is included in
Security of information systems
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
SecSIP: a protective environment for voice over IP
Voice over IP, vulnerabilities and attacks
Bibliography
Websites
SecSIP project http://secsip.gforge.inria.fr
SIP Abuse http://aws.amazon.com/security/sip-abuse/
VoIPSA http://www.voipsa.org
The Ultimate Scientific and Technical Reference
