Section: New Results

Risk management

Participants: Rémi Badonnel [contact], Laurent Debricon, Oussema Dabbebi, Olivier Festor.

Our work focused on applying and automating risk management in VoIP networks and services. Telephony over IP is a critical service exposed to multiple security attacks. A large variety of detection and protection mechanisms have been developed for identifying and blocking these attacks. However, detection methods have rapidly shown their limits in terms of sensitivity and specificity. Moreover, protection mechanisms may have a significant impact on IP telephony performance in terms of operational continuity and quality of service.

In that context, we have designed a runtime risk management solution that automatically and continuously adapts the exposure of VoIP equipment to the quantified risk level [48]. This exposure is controlled by applying graduated security safeguards driven by a dedicated risk model. The solution prevents potential risks while maintaining VoIP network performance. For that purpose, we have extended the Rheostat formal risk model to VoIP infrastructures and have identified a set of adequate security safeguards. We have shown how the restriction and relaxation algorithms can provide a progressive response to risks by activating or deactivating these security safeguards at runtime. Activating a security safeguard reduces the exposure when the potentiality of an attack is increasing, while deactivating it reduces security costs when this potentiality is decreasing.

We have evaluated the performance of our solution through a set of experimental results obtained in the case scenario of SPIT attacks [47]. We have determined the impact of the two algorithms on the risk level and have quantified their benefits and limits in comparison with traditional approaches. We have also experimented with different temporal behaviours of SPIT attacks.

The integration of risk models into detection and prevention systems clearly contributes to a more appropriate response to attacks for such critical services. We are interested in extending our risk management solution to a larger scope of VoIP threats and in developing autonomic mechanisms for dynamically refining the risk model parameters.
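
The restriction and relaxation behaviour described above can be sketched as follows. This is an added illustration, not the project's implementation: the risk formula (potentiality × exposure × consequence), the safeguard names, their exposure factors and costs, and the threshold are all assumptions chosen for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Safeguard:
    name: str
    exposure_factor: float  # multiplies exposure while active (assumed value)
    cost: float             # service-quality cost while active (assumed value)

# Constructed safeguard set for a SPIT scenario, ordered cheapest first.
SAFEGUARDS = [
    Safeguard("greylist_unknown_callers", 0.6, 1.0),
    Safeguard("audio_challenge", 0.4, 3.0),
    Safeguard("block_anonymous_calls", 0.2, 6.0),
]

def risk(potentiality, active, base_exposure=1.0, consequence=10.0):
    """Assumed simplified risk level: potentiality x exposure x consequence."""
    exposure = base_exposure
    for s in active:
        exposure *= s.exposure_factor
    return potentiality * exposure * consequence

def restrict(potentiality, active, threshold):
    """Activate safeguards, cheapest first, until risk <= threshold."""
    active = list(active)
    for s in SAFEGUARDS:
        if risk(potentiality, active) <= threshold:
            break
        if s not in active:
            active.append(s)
    return active

def relax(potentiality, active, threshold):
    """Deactivate safeguards, costliest first, while risk stays <= threshold."""
    active = list(active)
    for s in sorted(active, key=lambda s: s.cost, reverse=True):
        remaining = [a for a in active if a is not s]
        if risk(potentiality, remaining) <= threshold:
            active = remaining
    return active

def run(potentialities, threshold=3.0):
    """Replay a series of attack potentialities; return (safeguards, risk) per step."""
    active, trace = [], []
    for p in potentialities:
        active = relax(p, restrict(p, active, threshold), threshold)
        trace.append(([s.name for s in active], round(risk(p, active), 3)))
    return trace
```

Calling `run([0.1, 0.4, 0.9, 0.4, 0.1])` on this constructed potentiality series shows safeguards being added as the potentiality rises and dropped again as it falls, with the risk level kept at or below the threshold throughout.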


