, 8) consiste à eectuer des test AMD pour détecter si l'appelant est un homme ou une machine. Nous vérions le comportement de l'appelant en exécutant la commande AMD agi.appexec("AMD, 2000.
, contremesure redirige l'appel vers une autre destination (par exemple, le ltrage d'appel fait par le secrétariat), et le blocage de l'appel si l'appelant
, Automated runtime risk management for voice over IP networks and services, 2010 IEEE Network Operations and Management Symposium, NOMS 2010, pp.57-64, 2010.
DOI : 10.1109/NOMS.2010.5488435
URL : https://hal.archives-ouvertes.fr/inria-00538675
, Managing Risks at Runtime in VoIP Networks and Services, Proceedings of the IFIP International Conference on Autonomous Infrastructure , Management and Security (IFIP AIMS 2010), pp.89-92, 2010.
DOI : 10.1007/978-3-642-13986-4_11
URL : https://hal.archives-ouvertes.fr/inria-00538685
, Risk management in VoIP infrastructures using support vector machines, 2010 International Conference on Network and Service Management, pp.48-55, 2010.
DOI : 10.1109/CNSM.2010.5691338
URL : https://hal.archives-ouvertes.fr/inria-00530167
, Econometric Feedback for Runtime Risk Management in VoIP Architectures, Proceedings of the IFIP International Conference on Autonomous Infrastructure, Management and Security (IFIP AIMS 2011), pp.26-37, 2011.
DOI : 10.1007/978-3-540-73530-4_9
URL : https://hal.archives-ouvertes.fr/hal-00747274
, A broad-spectrum strategy for runtime risk management in VoIP enterprise architectures, 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, pp.478-484, 2011.
DOI : 10.1109/INM.2011.5990549
URL : https://hal.archives-ouvertes.fr/hal-00580317
, Dynamic exposure control in P2PSIP networks, 2012 IEEE Network Operations and Management Symposium, pp.261-268, 2012.
DOI : 10.1109/NOMS.2012.6211907
URL : https://hal.archives-ouvertes.fr/hal-00646808
, A trust-based strategy for addressing residual attacks in the RELOAD architecture, 2012 IEEE International Conference on Communications (ICC), 2012.
DOI : 10.1109/ICC.2012.6364305
URL : https://hal.archives-ouvertes.fr/hal-00646815
, An Online Risk Management Strategy for VoIP Enterprise Infrastructures, INRIA Research Report, vol.2012
, Leveraging countermeasures as a service for VoIP security in the cloud, International Journal of Network Management, vol.52, issue.1
DOI : 10.1016/j.comnet.2008.05.001
URL : https://hal.archives-ouvertes.fr/hal-00926233
, KiF, Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, IPTComm '07, p.4756, 2007.
DOI : 10.1145/1326304.1326313
URL : https://hal.archives-ouvertes.fr/inria-00166947
, A distributed trust model, Proceedings of the 1997 workshop on New security paradigms , NSPW '97, p.4860, 1997.
DOI : 10.1145/283699.283739
, Computer Security Threat Monitoring and Surveillance
, The proactive security toolkit and applications, Proceedings of the 6th ACM conference on Computer and communications security , CCS '99, p.1827, 1999.
DOI : 10.1145/319709.319713
, Cloud VoIP System With Bypass for IP Media, 2011.
, Probabilistic Risk Analysis : Foundations and Methods. Cambridge, 2001.
, BRUTE : a High Performance and Extensible Trac Generator, Proc. of International Symposium on Performance and Extensible Trac Generator (SPECTS'05), 2005.
, Secure Routing for Structured Peer-to-peer Overlay Networks, SIGOPS Oper. Syst. Rev, vol.36, issue.SI, p.299314, 2002.
, LIBSVM, ACM Transactions on Intelligent Systems and Technology, vol.2, issue.3, 2001.
DOI : 10.1145/1961189.1961199
, LIBSVM, ACM Transactions on Intelligent Systems and Technology, vol.2, issue.3, pp.27-127, 2011.
DOI : 10.1145/1961189.1961199
, IMS cloud computing architecture for high-quality multimedia applications, 2011 7th International Wireless Communications and Mobile Computing Conference, 2011.
DOI : 10.1109/IWCMC.2011.5982754
, IMS cloud computing architecture for high-quality multimedia applications, 2011 7th International Wireless Communications and Mobile Computing Conference, p.14631468, 2011.
DOI : 10.1109/IWCMC.2011.5982754
, Evaluation of Sybil Attacks Protection Schemes in KAD, Proc. of the 3rd International Conference on Autonomous Infrastructure, Management and Security : Scalability of Networks and Services, p.7082, 2009.
DOI : 10.1145/1151659.1159945
URL : https://hal.archives-ouvertes.fr/inria-00405381
, Probing TCP implementations, Proc. of the USENIX Security Symposium (USENIX'94), 1994.
, A broad-spectrum strategy for runtime risk management in VoIP enterprise architectures, 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, p.478484, 2011.
DOI : 10.1109/INM.2011.5990549
URL : https://hal.archives-ouvertes.fr/hal-00580317
, Econometric Feedback for Runtime Risk Management in VoIP Architectures, Proc. of the 5th International Conference on Autonomous Infrastructure, Management, and Security (AIMS'11), p.2637, 2011.
DOI : 10.1007/978-3-540-73530-4_9
URL : https://hal.archives-ouvertes.fr/hal-00747274
, A trust-based strategy for addressing residual attacks in the RELOAD architecture, 2012 IEEE International Conference on Communications (ICC), p.261268, 2012.
DOI : 10.1109/ICC.2012.6364305
URL : https://hal.archives-ouvertes.fr/hal-00646815
, Leveraging countermeasures as a service for VoIP security in the cloud, INRIA Research Report, papier invité à être soumis au journal international de IJNM, 2012.
DOI : 10.1016/j.comnet.2008.05.001
URL : https://hal.archives-ouvertes.fr/hal-00926233
, An Online Risk Management Strategy for VoIP Enterprise Infrastructures Managing Risks at Runtime in VoIP Networks and Services, INRIA Research Report, papier invité à être soumis au journal Proc. of the 4th International Conference on Autonomous Infrastructure, Management and Security (AIMS'10), p.8992, 2010.
, An Intrusion-Detection Model, IEEE Transactions on Software Engineering, vol.13, issue.2, p.222232, 1987.
, VoIP et ToIP Asterisk : La téléphonie sur IP (conception, installation, conguration , déploiement) Eni editions, 2001.
, Protecting SIP-based Networks and Services from Unwanted Communications, Proc. of IEEE/Global Telecommunications Conference (GLOBECOM'08), 2008.
, Cloud Computing: Issues and Challenges, 2010 24th IEEE International Conference on Advanced Information Networking and Applications, p.2733, 2010.
DOI : 10.1109/AINA.2010.187
, The Sybil Attack, Proc. of the First International Workshop of the Peerto-Peer Systems (IPTPS'02), volume 2429 of Lecture Notes in Computer Science, p.251260, 2002.
DOI : 10.1007/3-540-45748-8_24
, Protocol scrubbing : network security through transparent ow modication, p.261273, 2004.
, Hacking VoIP : Protocols, Attacks, and Countermeasures, 2008.
, Intrusion Detection System for Denial-of-Service flooding attacks in SIP communication networks, International Journal of Security and Networks, vol.4, issue.3, p.189200, 2009.
DOI : 10.1504/IJSN.2009.027344
, RheoStat: Real-Time Risk Management, Proc. of the 7th International Symposium on Recent Advances in Intrusion Detection, p.1517, 2004.
DOI : 10.1007/978-3-540-30143-1_16
, Parallel Support Vector Machines : The Cascade SVM, Proc. of the Advances in Neural Information Processing (NIPS'04), 2004.
, Overview of intrusion detection and intrusion prevention, Proceedings of the 5th annual conference on Information security curriculum development, InfoSecCD '08
DOI : 10.1145/1456625.1456638
, Network intrusion detection : evasion, trac normalization, and end-to-end protocol semantics, Proc. of the USENIX Security Symposium (USENIX'01), p.99, 2001.
, Developing a Legally Compliant Reachability Management System as a Countermeasure against SPIT, Proc. of the 3rd Voice Over IP Security Workshop (VSW 06), 2008.
, Comparison of the finite mixture of ARMA-GARCH, back propagation neural networks and support-vector machines in forecasting financial returns, Journal of Applied Statistics, vol.48, issue.3
DOI : 10.1016/j.asoc.2008.08.001
, The Box-Jenkins Forecasting Technique, 1971.
, Time Series Analysis, 1994.
, Social Engineering : The Art of Human Hacking, 2011.
, Ray Tracing Parametric Patches, Proc. of the 9th annual conference on Computer graphics and interactive techniques (SIGGRAPH'82), p.245254, 1982.
DOI : 10.1145/800064.801287
URL : https://authors.library.caltech.edu/26984/1/5017_TR_82.pdf
, The Eigentrust algorithm for reputation management in P2P networks, Proceedings of the twelfth international conference on World Wide Web , WWW '03, p.640651, 2003.
DOI : 10.1145/775152.775242
, A Survey of Voice over IP Security Research, Proc. of the 5th International Conference Information Systems Security, p.117, 2009.
DOI : 10.1007/978-3-642-10772-6_1
, Voice over IP : Risks, Threats and Vulnerabilities, Proc. (electronic) of the Cyber Infrastructure Protection Conference (CIP'09, 2009.
, A look at VoIP Vulnerabilities, Proc. of the 18th USENIX Security Symposium (USENIX'10), 2009.
, DEVS-Based modeling of VoIP spam callers??? behavior for SPIT level calculation, Journal on Simulation Modelling Practice and Theory, 2008.
DOI : 10.1016/j.simpat.2008.09.008
, Security Considerations for Voice Over IP Systems. National Institute of Standards and Technology, csrc.nist.gov, 2005.
, Financinal Forecasting comparison of ARIMA, FFNN and SVR Models, 2008.
, SecSip: A stateful firewall for SIP-based networks, 2009 IFIP/IEEE International Symposium on Integrated Network Management, 2009.
DOI : 10.1109/INM.2009.5188807
URL : https://hal.archives-ouvertes.fr/inria-00404853
, VeTo: An exploit prevention language from known vulnerabilities in SIP services, 2010 IEEE Network Operations and Management Symposium, NOMS 2010, p.216223, 2010.
DOI : 10.1109/NOMS.2010.5488464
URL : https://hal.archives-ouvertes.fr/inria-00544976
, Intrusion Detection in Unlabeled Data with Quartersphere Support Vector Machines, Proc. of the 1st Conference on Detection of Intrusions and Malware and Vulnerability Assessment, p.7182, 2004.
, Analysis of the evolution of peer-to-peer systems, Proceedings of the twenty-first annual symposium on Principles of distributed computing , PODC '02, 2002.
DOI : 10.1145/571825.571863
, A Survey and Comparison of Peer-to-Peer Overlay Network Schemes, IEEE Communications Surveys and Tutorials, vol.7, p.7293, 2005.
, Assessing the risk of intercepting VoIP calls, Computer Networks, vol.52, issue.12, p.24322446, 2008.
DOI : 10.1016/j.comnet.2008.05.001
, VoIP Networks Monitoring and Intrusion Detection, 2009.
URL : https://hal.archives-ouvertes.fr/tel-00376831
, Risk Management in VoIP Architectures using Support Vector Machines, Proc. of 6th IFIP/IEEE International Conference on Network and Service Management (CNSM'10), 2010.
, Detection and mitigation of spam in IP telephony networks using signaling protocol analysis, IEEE/Sarnoff Symposium on Advances in Wired and Wireless Communication, 2005., 2005.
DOI : 10.1109/SARNOF.2005.1426509
, Transport and application protocol scrubbing, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064), p.13811390, 2000.
DOI : 10.1109/INFCOM.2000.832535
URL : http://www-cse.ucsd.edu/~savage/cse291/papers/Malan00.pdf
, Cloud Security and Privacy : An Enterprise Perspective on Risks and Compliance, 2009.
, SDRS: A Voice-over-IP Spam Detection and Reaction System, IEEE Security & Privacy Magazine, vol.6, issue.6, p.5259, 2008.
DOI : 10.1109/MSP.2008.149
, Risk Analysis in Engineering, 2006.
, VoIP Honeypot Architecture, 2007 10th IFIP/IEEE International Symposium on Integrated Network Management, p.109118, 2007.
DOI : 10.1109/INM.2007.374775
URL : https://hal.archives-ouvertes.fr/inria-00149554
, A Framework for Monitoring SIP Enterprise Networks, 2010 Fourth International Conference on Network and System Security
DOI : 10.1109/NSS.2010.79
URL : https://hal.archives-ouvertes.fr/inria-00519728
, A Broad-Spectrum Strategy for Runtime Risk management in VoIP Entreprise Architectures, Proc. of the 12 IFIP/IEEE international Symposium on Integrated network Management (IM'11), 2011.
, Automated runtime risk management for voice over IP networks and services, 2010 IEEE Network Operations and Management Symposium, NOMS 2010, p.5764, 2010.
DOI : 10.1109/NOMS.2010.5488435
URL : https://hal.archives-ouvertes.fr/inria-00538675
, Assessing Security Risk to a Network Using a Statistical Model of Attacker Community Competence, Proc. of the 11th International Conference on Information and Communications Security (ICICS'09), p.308324, 2009.
DOI : 10.1007/978-3-642-11145-7_24
, Securing VoIP Networks : Threats, Vulnerabilities, and Countermeasures, 2007.
, On the Theory of Learnining with Privileged Information, Proc. of the 24th Annual Conference on Neural Information Processing Systems (NIPS'10), p.18941902, 2010.
, Honeypot-based Forensics, Proc. of the Asia pacic information technology security conference (AusCERT'04), 2004.
, Analysis of Techniques for Protection Against Spam over Internet Telephony, Proc. of 13th Open European Summer School EUNICE 2007, 2007.
DOI : 10.1007/978-3-540-73530-4_9
, Prevention of Spam over IP Telephony (SPIT), In NEC Technical Journal, vol.1, issue.2, 2006.
, Detecting SPIT Calls by Checking Human Communication Patterns, 2007 IEEE International Conference on Communications, 2007.
DOI : 10.1109/ICC.2007.329
, ISE03-2: SPam over Internet Telephony (SPIT) Prevention Framework, IEEE Globecom 2006, 2006.
DOI : 10.1109/GLOCOM.2006.192
, Predictive Algorithms in the Management of, Computer Systems. IBM System journal, issue.3, p.41, 2003.
, Session Initiation Protocol (SIP) : Controlling Convergent Networks, 2008.
, Cloud computing security threats and responses, 2011 IEEE 3rd International Conference on Communication Software and Networks, p.245249, 2011.
DOI : 10.1109/ICCSN.2011.6014715
, Security challenges for peer-to-peer SIP, IEEE Network, vol.20, issue.5, p.3845, 2006.
DOI : 10.1109/MNET.2006.1705882
, Using Cryptographically Generated SIP-URIs to protect the Integrity of Content in P2P-SIP, Proc. of the 3rd Annual VoIP Security Workshop (VSW'06), 2006.
, Detecting VoIP Floods Using the Hellinger Distance, IEEE Transactions on Parallel and Distributed Systems, vol.19, issue.6, p.794805, 2008.
DOI : 10.1109/TPDS.2007.70786
, Detecting VoIP Floods Using the Hellinger Distance, IEEE Transactions on Parallel and Distributed Systems, vol.19, issue.6, p.794805, 2008.
DOI : 10.1109/TPDS.2007.70786
, Cloud Computing Security--Trends and Research Directions, 2011 IEEE World Congress on Services, 2011.
DOI : 10.1109/SERVICES.2011.20
, How to share a secret, Communications of the ACM, vol.22, issue.11, p.612613, 1979.
DOI : 10.1145/359168.359176
, Progressive Multi Gray-Leveling : A Voice Spam Protection Algorithm, IEEE Network Magazine, vol.20, p.1824, 2006.
, Peer-to-peer internet telephony using SIP, Proceedings of the international workshop on Network and operating systems support for digital audio and video , NOSSDAV '05, p.6368, 2005.
DOI : 10.1145/1065983.1065999
URL : http://www.cs.columbia.edu/~kns10/papers/nyman04.pdf
, SIPpeer : A SIP-based Peer-to-Peer Internet Telephony Adaptor, Proc. of the International Workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV '05), p.6368, 2005.
DOI : 10.1145/1065983.1065999
URL : http://www.cs.columbia.edu/~kns10/papers/nyman04.pdf
, Detecting Anomaly Trac using Flow Data in the real VoIP network, Proc. of the 2010 10th IEEE/IPSJ International Symposium on Applications and the Internet (SAINT'10), p.253256, 2010.
, Security Requirements in Peer-to-Peer Session Initiation Protocol, IETF Internet Draft, 2008.
, P2PSIP Security 0verview and Risk Analysis, IETF Internet Draft, tools.ietf.org/html/draft-matuszewski-p2psip-security-requirements- 06, 2010.
, Risk Management Guide for Information Technology Systems Recommendations of the National Institute of Standards and Technology
, Breaking audio captchas, NIPS, p.16251632, 2008.
, Quick Detection of Stealthy SIP Flooding Attacks in VoIP Networks, 2011 IEEE International Conference on Communications (ICC)
DOI : 10.1109/icc.2011.5963248
, Cloud computing security considerations, 2011 IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC), p.118, 2011.
DOI : 10.1109/ICSPCC.2011.6061557
, Learning hidden information: SVM+, 2006 IEEE International Conference on Granular Computing, p.22, 2006.
DOI : 10.1109/GRC.2006.1635748
, Unthorised Access : Physical Penetration Testing for IT Security Teams, 2009.
, Support Vector Machines : Theory and Applications, volume 177 of Studies in Fuzziness and Soft Computing, 2005.
, Computer-generated comprehensive risk assessment for IT project management, 2010 IEEE Network Operations and Management Symposium, NOMS 2010, 2009.
DOI : 10.1109/NOMS.2010.5488498
, Denial of service attack and prevention on SIP VoIP infrastructures using DNS flooding, Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, IPTComm '07, 2007.
DOI : 10.1145/1326304.1326314
, Trust-based Framework for Security Enhancement of P2PSIP Communication Systems, Proc. of the 4th International Conference for Internet Technology and Secured Transactions, 2009.
, 95 RTC Réseau téléphonique commuté. 3 RTCP Real Time Control Protocol, RTP Real Time Protocol, vol.5, issue.5, p.17
, Multipurpose Internet Mail Extensions. 42 SDP Session Description Protocol. 5, 19 SIP Session Initiation Protocol. 5, 14 SPIT Spam over Internet Telephony, p.41