Skip to Main content Skip to Navigation

VoIP Networks Monitoring and Intrusion Detection

Mohamed Nassar 1
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Voice over IP (VoIP) has become a major paradigm for providing flexible telecommunication services and reducing operational costs. The large-scale deployment of VoIP has been leveraged by the high-speed broadband access to the Internet and the standardization of dedicated protocols. However, VoIP faces multiple security issues including vulnerabilities inherited from the IP layer as well as specific ones. Our objective is to design, implement and validate new models and architectures for performing proactive defense, monitoring and intrusion detection in VoIP networks.

Our work combines two domains: network security and artificial intelligence. We reinforce existent security mechanisms by working on three axes: a machine learning approach for VoIP signaling traffic monitoring, a VoIP specific honeypot and a security event correlation model for intrusion detection. In order to experiment our solutions, we have developed VoIP agents which are distributed and managed by a central entity. We have developed an analyzer of signaling network traces and we used it to analyze real-world traces. Finally, we have implemented a prototype of a rule-based event-driven intrusion detection system.
Complete list of metadatas

Cited literature [46 references]  Display  Hide  Download
Contributor : Mohamed Nassar <>
Submitted on : Monday, April 20, 2009 - 1:02:02 PM
Last modification on : Saturday, June 2, 2018 - 1:25:02 AM
Long-term archiving on: : Friday, October 12, 2012 - 4:55:44 PM


  • HAL Id : tel-01748491, version 2



Mohamed Nassar. VoIP Networks Monitoring and Intrusion Detection. Networking and Internet Architecture [cs.NI]. Université Henri Poincaré - Nancy 1, 2009. English. ⟨NNT : 2009NAN10021⟩. ⟨tel-01748491v2⟩



Record views


Files downloads