Model
Digital Document
Publisher
Florida Atlantic University
Description
Voice over Internet Protocol (VoIP) networks is becoming the most popular
telephony system in the world. However, studies of the security of VoIP networks are
still in their infancy. VoIP devices and networks are commonly attacked, and it is
therefore necessary to analyze the threats against the converged network and the
techniques that exist today to stop or mitigate these attacks. We also need to
understand what evidence can be obtained from the VoIP system after an attack has
occurred.
Many of these attacks occur in similar ways in different contexts or environments.
Generic solutions to these issues can be expressed as patterns. A pattern can be used
to guide the design or simulation of VoIP systems as an abstract solution to a problem
in this environment. Patterns have shown their value in developing good quality
software and we expect that their application to VoIP will also prove valuable to build
secure systems.
This dissertation presents a variety of patterns (architectural, attack, forensic and
security patterns). These patterns will help forensic analysts as well, as secure systems
developers because they provide a systematic approach to structure the required
information and help understand system weaknesses. The patterns will also allow us
to specify, analyze and implement network security investigations for different
architectures. The pattern system uses object-oriented modeling (Unified Modeling
Language) as a way to formalize the information and dynamics of attacks and
systems.
telephony system in the world. However, studies of the security of VoIP networks are
still in their infancy. VoIP devices and networks are commonly attacked, and it is
therefore necessary to analyze the threats against the converged network and the
techniques that exist today to stop or mitigate these attacks. We also need to
understand what evidence can be obtained from the VoIP system after an attack has
occurred.
Many of these attacks occur in similar ways in different contexts or environments.
Generic solutions to these issues can be expressed as patterns. A pattern can be used
to guide the design or simulation of VoIP systems as an abstract solution to a problem
in this environment. Patterns have shown their value in developing good quality
software and we expect that their application to VoIP will also prove valuable to build
secure systems.
This dissertation presents a variety of patterns (architectural, attack, forensic and
security patterns). These patterns will help forensic analysts as well, as secure systems
developers because they provide a systematic approach to structure the required
information and help understand system weaknesses. The patterns will also allow us
to specify, analyze and implement network security investigations for different
architectures. The pattern system uses object-oriented modeling (Unified Modeling
Language) as a way to formalize the information and dynamics of attacks and
systems.
Member of