Architecture for Trapping Toll Fraud Attacks Using a VoIP Honeynet Approach
Voice over IP systems are more and more replacing Public Switched Telephone Network infrastructures. The number of voice telephony installations and the number of Session Initiation Protocol users is constantly increasing. Attacks against Voice over IP systems are becoming more imaginative and many attacks can cause financial damage, e.g., attackers gain money or create costs for the victim. Therefore, the dependency on available and secure Voice over IP systems to conduct secure business is given. We provide an environment to uncover real-world toll fraud attacks by collecting data using a Voice over IP honeynet solution.
KeywordsInternet Protocol Internet Protocol Address Public Switch Telephone Network Internet Protocol Packet Voice Pattern
Unable to display preview. Download preview PDF.
- 1.Al-Allouni, H., Rohiem, A.E., Hashem, M., El-moghazy, A., Ahmed, A.E.-A.: Voip denial of service attacks classification and implementation. In: National Radio Science Conference (NRSC), pp. 1–12 (2009)Google Scholar
- 2.Blake, E.A.: Network security: Voip security on data network–a guide. In: InfoSecCD 2007: Proceedings of the 4th Annual Conference on Information Security Curriculum Development, pp. 1–7. ACM, New York (2007)Google Scholar
- 5.Endler, D., Collier, M.: Hacking Exposed VoIP: Voice Over IP Security Secrets & Solutions. McGraw-Hill, Inc., New York (2007)Google Scholar
- 6.Gauci, S.: Distributed sip scanning during halloween weekend, http://blog.sipvicious.org/2010/11/distributed-sip-scanning-during.html (last accessed: January 12, 2013)
- 7.Gruber, M., Fankhauser, F., Taber, S., Schanes, C., Grechenig, T.: Trapping and analyzing malicious voip traffic using a honeynet approach. In: The 6th International Conference on Internet Technology and Secured Transactions (ICITST), pp. 442–447 (December 2011)Google Scholar
- 8.Hofbauer, S., Beckers, K., Quirchmayr, G., Sorge, C.: A lightweight privacy preserving approach for analyzing communication records to prevent voip attacks using toll fraud as an example. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 992–997 (June 2012)Google Scholar
- 9.Hoffstadt, D., Marold, A., Rathgeb, E.: Analysis of sip-based threats using a voip honeynet system. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 541–548 (June 2012)Google Scholar
- 10.Nassar, M., State, R., Festor, O.: Voip malware: Attack tool & attack scenarios. In: IEEE International Conference on Communications, ICC 2009, pp. 1–6 (June 2009)Google Scholar
- 12.SANS Internet Storm Center. Port details — sans internet storm center, http://isc.sans.edu/port.html?port=5060 (last accessed: January 12, 2013)
- 14.Valli, C., Al-Lawati, M.: Developing robust voip router honeypots using device fingerprints. In: 1st International Cyber Resilience Conference (August 2010)Google Scholar
- 15.VoIP Security Alliance. Voipsa, voip security and privacy threat taxonomy, http://www.voipsa.org/Activities/VOIPSA_Threat_Taxonomy_0.1.pdf (last accessed: January 12, 2013)