IP Telephony Server Emulation for Monitoring and Analysis of Malicious Activity in VOIP Network
The paper aims at gathering information about attacks from real internet infrastructure and their analysis. For this purpose, we prepared a set of honeypots monitoring various aspects of VoIP infrastructure including SIP endpoint and SSH terminal emulation. SIP endpoints are registered with real SIP...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
University of Žilina
2013-07-01
|
| Series: | Communications |
| Subjects: | |
| Online Access: | https://komunikacie.uniza.sk/artkey/csl-201311-0033_ip-telephony-server-emulation-for-monitoring-and-analysis-of-malicious-activity-in-voip-network.php |
| _version_ | 1797846936204607488 |
|---|---|
| author | Jakub Safarik Miroslav Voznak Filip Rezac Lukas Macura |
| author_facet | Jakub Safarik Miroslav Voznak Filip Rezac Lukas Macura |
| author_sort | Jakub Safarik |
| collection | DOAJ |
| description | The paper aims at gathering information about attacks from real internet infrastructure and their analysis. For this purpose, we prepared a set of honeypots monitoring various aspects of VoIP infrastructure including SIP endpoint and SSH terminal emulation. SIP endpoints are registered with real SIP registrar and the incoming calls are routed to a honeypot according the rules in dialplan. The honeypot gathers valuable data about hacker's activity with no threat to production systems. Analysis of the honeypot data is crucial for further improvement of existing security mechanisms in VoIP networks. The paper describes the honeypot's behaviour and brings an analysis of a detected malicious activity as well. |
| first_indexed | 2024-04-09T18:03:00Z |
| format | Article |
| id | doaj.art-0644e4cbbb334a9188f67b4b1d9a3036 |
| institution | Directory Open Access Journal |
| issn | 1335-4205 2585-7878 |
| language | English |
| last_indexed | 2024-04-09T18:03:00Z |
| publishDate | 2013-07-01 |
| publisher | University of Žilina |
| record_format | Article |
| series | Communications |
| spelling | doaj.art-0644e4cbbb334a9188f67b4b1d9a30362023-04-14T06:30:50ZengUniversity of ŽilinaCommunications1335-42052585-78782013-07-01152A19119610.26552/com.C.2013.2A.191-196csl-201311-0033IP Telephony Server Emulation for Monitoring and Analysis of Malicious Activity in VOIP NetworkJakub Safarik0Miroslav Voznak1Filip Rezac2Lukas Macura3Department of Telecommunications, Faculty of Electrical Engineering and Computer Science, VSB-TU Ostrava, Ostrava-Poruba, Czech RepublicDepartment of Telecommunications, Faculty of Electrical Engineering and Computer Science, VSB-TU Ostrava, Ostrava-Poruba, Czech RepublicDepartment of Telecommunications, Faculty of Electrical Engineering and Computer Science, VSB-TU Ostrava, Ostrava-Poruba, Czech RepublicDepartment of Telecommunications, Faculty of Electrical Engineering and Computer Science, VSB-TU Ostrava, Ostrava-Poruba, Czech RepublicThe paper aims at gathering information about attacks from real internet infrastructure and their analysis. For this purpose, we prepared a set of honeypots monitoring various aspects of VoIP infrastructure including SIP endpoint and SSH terminal emulation. SIP endpoints are registered with real SIP registrar and the incoming calls are routed to a honeypot according the rules in dialplan. The honeypot gathers valuable data about hacker's activity with no threat to production systems. Analysis of the honeypot data is crucial for further improvement of existing security mechanisms in VoIP networks. The paper describes the honeypot's behaviour and brings an analysis of a detected malicious activity as well.https://komunikacie.uniza.sk/artkey/csl-201311-0033_ip-telephony-server-emulation-for-monitoring-and-analysis-of-malicious-activity-in-voip-network.phpartemisadionaeakippovoip attacksvoip honeypot |
| spellingShingle | Jakub Safarik Miroslav Voznak Filip Rezac Lukas Macura IP Telephony Server Emulation for Monitoring and Analysis of Malicious Activity in VOIP Network Communications artemisa dionaea kippo voip attacks voip honeypot |
| title | IP Telephony Server Emulation for Monitoring and Analysis of Malicious Activity in VOIP Network |
| title_full | IP Telephony Server Emulation for Monitoring and Analysis of Malicious Activity in VOIP Network |
| title_fullStr | IP Telephony Server Emulation for Monitoring and Analysis of Malicious Activity in VOIP Network |
| title_full_unstemmed | IP Telephony Server Emulation for Monitoring and Analysis of Malicious Activity in VOIP Network |
| title_short | IP Telephony Server Emulation for Monitoring and Analysis of Malicious Activity in VOIP Network |
| title_sort | ip telephony server emulation for monitoring and analysis of malicious activity in voip network |
| topic | artemisa dionaea kippo voip attacks voip honeypot |
| url | https://komunikacie.uniza.sk/artkey/csl-201311-0033_ip-telephony-server-emulation-for-monitoring-and-analysis-of-malicious-activity-in-voip-network.php |
| work_keys_str_mv | AT jakubsafarik iptelephonyserveremulationformonitoringandanalysisofmaliciousactivityinvoipnetwork AT miroslavvoznak iptelephonyserveremulationformonitoringandanalysisofmaliciousactivityinvoipnetwork AT filiprezac iptelephonyserveremulationformonitoringandanalysisofmaliciousactivityinvoipnetwork AT lukasmacura iptelephonyserveremulationformonitoringandanalysisofmaliciousactivityinvoipnetwork |