Abstract
We propose a collaborative forensics framework to trace back callers of VoIP services in a multi-network environment. The paper is divided into two parts. The first part discusses the critical components of SIP-based telephony and determines the information needed for traceback in single and multiple Autonomous Systems (ASs). The second part proposes the framework and the entities of collaborative forensics. We also propose an algorithm for merging collected data. The mechanism used to execute collaborative forensics with cooperating units is presented and the procedures used in the collaborative architecture are described. For every entity, we suggest some interesting topics for research.
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hsu, HM., Sun, Y.S., Chen, M.C. (2008). A Collaborative Forensics Framework for VoIP Services in Multi-network Environments. In: Yang, C.C., et al. Intelligence and Security Informatics. ISI 2008. Lecture Notes in Computer Science, vol 5075. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69304-8_26
DOI: https://doi.org/10.1007/978-3-540-69304-8_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69136-5
Online ISBN: 978-3-540-69304-8
eBook Packages: Computer Science (R0)