Atraindo, conhecendo e repudiando atacantes VoIP

Daniel Bauermann; Giovani Luís Emmert

doi:10.5753/sbseg.2017.19502

Daniel Bauermann Faculdade IENH / Universidade Feevale
Giovani Luís Emmert Faculdade IENH

DOI: https://doi.org/10.5753/sbseg.2017.19502

Abstract

The expansion of the use of voice over IP systems has attracted a growing number of people who try to find vulnerabilities that may cause harm to organizations. To understand how these people exploit the systems, it is crucial know their way of acting. For this, different works uses honeypot technology with the objective of investigating the caracteristics of many kinds of possible attacks. However, few works present a system that can repulse attackers interested in exploiting vulnerable systems, especially for VoIP services. In this work, we propose a framework capable of compiling attack data to increase the security of an IP telephony network.

References

(2016). Barracuda reputation block list (brbl). http://www.barracudacentral.org/rbl.

(2016). Protect you asterisk voip server from hackers and voip hijackers. http://www.networksystemssolutions.eu/voipblocklist.php.

(2016). Sip: Session initiation protocol. https://www.ietf.org/rfc/rfc3261.txt.

(2016). The spamhaus project. https://www.spamhaus.org/.

(2016). Voip blacklist. http://www.voipbl.org/.

Callado, A., Fernandes, G., Silva, A., Barbosa, R., Sadok, D., e Kelner, J. (2007). Construção de redes de voz sobre ip. 25o Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, páginas 11–58.

Carmo, Rodrigo do e Nassar, M. e. F. O. (2011). Artemisa: an open-source honeypot back-end to support security in voip domains. IFIP/IEEE International Symposium on Integrated Network Management, páginas 361–368.

CERT.br (2016). Projeto honeypots distribuídos. http://honeytarg.cert.br/honeypots/index-po.html.

CERT.br (2017). Distributed honeypots project. https://honeytarg.cert.br/stats/flows/current/.

Endler, D. e Collier, M. (2007). Hacking Exposed VoIP. McGraw-Hill, New York.

Ghafarian, A., Seno, S. A. H., e Dehghani, M. (2016). An empirical study of security of voip system. SAI Computing Conference, páginas 1031–1036.

Gruber, M., Fankhauser, F., Taber, S., Schanes, C., e Grechenig, T. (2011). Security status of voip based on the observation of real-world attacks on a honeynet. The Third IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT), páginas 1041–1047.

Gruber, M., Hoffstadt, D., Aziz, A., Fankhauser, F., Schanes, C., Rathgeb, E., e Grechenig, T. (2015). Global voip security threats - large scale validation based on independent honeynets. IFIP Networking Conference (IFIP Networking), 2015, páginas 1–9.

Hoffstadt, D., Marold, A., e Rathgeb, E. (2012). Analysis of sip-based threats using a voip honeynet system. 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, páginas 541–548.

Nassar, M., State, R., e Festor, O. (2011). Voip honeypot architecture. 2011 10th IFIP/IEEE International Symposium on Integrated Network Management, páginas 109–118.

Safarik, J., Voznak, M., Rezac, F., e Macura, L. (2012). Malicious traffic monitoring and its evaluation in voip infrastructure. Telecommunications and Signal Processing, páginas 259–262.

Steding-Jessen, Klaus e Ceron, J. a. M. e. H. C. (2016). Anatomia de ataques a servidores sip. http://www.cert.br/docs/palestras/certbr-ctir2013-1.pdf.

Thermos, P. e Takanen, A. (2008). Securing VoIP Networks, capítulo 3, páginas 53–125. Addison-Wesley.

Weissheimer Júnior, Carlos Alfredo e Bastos, E. L. (2008). Honeynet - estudo teórico e experimentação. Seminário de Pós-Graduação.