About Snocer
 

Motivation

So far, the standards and products for providing VoIP calls and services have reached a mature state. However, concepts and technologies for securing and ensuring the reliability of VoIP infrastructures are still in its infancy. VoIP technologies are very similar in their nature to web and email services. This due to the fact that VoIP services are based on standardized and open technologies (i.e. SIP, H.323, MEGACO) using servers reachable through the Internet, implemented in software and provided often over general purpose computing hardware. Therefore, such services can suffer from similar security threats in the same manner as Web services. These include denial of service attacks and spam on the one side and unavailability of the services due to network, hardware of software failures on the other.

Vision

The SNOCER project will be investigating approaches for overcoming temporal network, hardware and software failures and ensuring the high availability of the offered VoIP services based on low cost distributed concepts. That is instead of relying solely on expensive hardware and multiple network connections as is the case today in PSTN networks, SNOCER will be investigating the possibility of providing highly reliable services based on cooperation between independent providers in a manner ensuring the privacy and security of the customers and providers. In this context denial of service and intrusion detection tools will be developed that allow VoIP providers to monitor their infrastructure, detect irregularities and specify rules and actions that should be automatically executed for handling such cases. This will then be coupled with strategies to achieve high available VoIP infrastructures in a secure and low cost manner.

Scientific Objectives

In the context of SNOCER the main research work will be dedicated on the one hand to protecting the VoIP components of a VoIP provider from attacks and on the other to increasing the availability and reliability of those components. This will involve detecting and identifying attacks on a VoIP infrastructure and enabling the provider to specify rules and policies for dealing with those attacks. Further, to increase the reliability of the system, SNOCER will aim at providing mechanisms allowing the VoIP system to transfer the main functionalities of the VoIP service from one server to the other in a transparent manner. This work will be complemented with an investigation of the interaction between the reliability of the VoIP components and the underlying IP infrastructure.

Technical Objectives

SNOCER will achieve the following goals:

• Solutions for highly available VoIP infrastructures: This part of the work will in the fist stage investigate points of failure of a VoIP infrastructure and provide solutions for achieving highly available components based on distributed architectures. The objectives of this part of the works are thereby:

  • Identify and describe points of failure in a VoIP infrastructure

  • Identify monitoring points and possible alarm utilities for indicating failures and initiating needs recovery mechanisms

  • Provide solutions for supporting high available VoIP infrastructure at low costs

• Solutions and tools for secure VoIP infrastructures: This part of the work will concentrate on increasing the availability of VoIP infrastructure by reducing the effects of denial of service attacks. The objectives of this part of the work will thus be:

  • Design and implement a framework for secure VoIP calls to avoid fraud and malicious usage

  • Specify and develop tools for Intrusion and denial of service attack detection

  • Support automatic reaction to security threats based on provider specific rules

  • Integration and testing of developed tools and solutions in a provider’s VoIP infrastructure