Multiple design patterns for Voice over IP (VoIP) security

Zahid Anwar; William Yurcik; Ralph E. Johnson; Munawar Hafiz; Roy H. Campbell

doi:10.1109/.2006.1629443

Multiple design patterns for Voice over IP (VoIP) security

Zahid Anwar, William Yurcik, Ralph E. Johnson, Munawar Hafiz, Roy H. Campbell

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Design patterns capture software solutions to specific problems that have evolved over time and reflect many iterations of work. Documenting such patterns promotes proven design and software reuse. There has been a growing amount of work documenting design patterns for security, however, little work specific to VoIP security. In 2005 NIST released a report on recommendations and best practices for securing VoEP, however it lacks the structure, terminology, and ease-of-understanding needed for both technical and non-technical audiences that is an inherent feature of design patterns. In this paper we document three design patterns for VoIP implementations related to specific security problems: (1) secure traversal of firewalls and NATs; (2) detecting and mitigating DDoS attacks; and (3) securing against eavesdropping. With many VoIP vendors rushing products to market with overlapping functionality and requirements for interoperability, documenting design patterns is poised to become an important part of secure programming processes for VoIP.

Original language	English (US)
Title of host publication	25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006
Pages	485-492
Number of pages	8
DOIs	https://doi.org/10.1109/.2006.1629443
State	Published - 2006
Event	25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006 - Phoenix, AZ, United States Duration: Apr 10 2006 → Apr 12 2006

Publication series

Name	Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference
Volume	2006

Other

Other	25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006
Country/Territory	United States
City	Phoenix, AZ
Period	4/10/06 → 4/12/06

Keywords

Internet telephony
Secure traversal of firewalls and NATs
Security design patterns
Threat modeling
VoIP security

ASJC Scopus subject areas

General Engineering

Online availability

10.1109/.2006.1629443

Library availability

Discover UIUC Full Text

Cite this

Anwar, Z., Yurcik, W., Johnson, R. E., Hafiz, M., & Campbell, R. H. (2006). Multiple design patterns for Voice over IP (VoIP) security. In 25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006 (pp. 485-492). Article 1629443 (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference; Vol. 2006). https://doi.org/10.1109/.2006.1629443

Multiple design patterns for Voice over IP (VoIP) security. / Anwar, Zahid; Yurcik, William; Johnson, Ralph E. et al.
25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006. 2006. p. 485-492 1629443 (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference; Vol. 2006).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Anwar, Z, Yurcik, W, Johnson, RE, Hafiz, M & Campbell, RH 2006, Multiple design patterns for Voice over IP (VoIP) security. in 25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006., 1629443, Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference, vol. 2006, pp. 485-492, 25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006, Phoenix, AZ, United States, 4/10/06. https://doi.org/10.1109/.2006.1629443

Anwar Z, Yurcik W, Johnson RE, Hafiz M, Campbell RH. Multiple design patterns for Voice over IP (VoIP) security. In 25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006. 2006. p. 485-492. 1629443. (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference). doi: 10.1109/.2006.1629443

@inproceedings{1f37249d4eca4677a3865612a1c4fb22,

title = "Multiple design patterns for Voice over IP (VoIP) security",

abstract = "Design patterns capture software solutions to specific problems that have evolved over time and reflect many iterations of work. Documenting such patterns promotes proven design and software reuse. There has been a growing amount of work documenting design patterns for security, however, little work specific to VoIP security. In 2005 NIST released a report on recommendations and best practices for securing VoEP, however it lacks the structure, terminology, and ease-of-understanding needed for both technical and non-technical audiences that is an inherent feature of design patterns. In this paper we document three design patterns for VoIP implementations related to specific security problems: (1) secure traversal of firewalls and NATs; (2) detecting and mitigating DDoS attacks; and (3) securing against eavesdropping. With many VoIP vendors rushing products to market with overlapping functionality and requirements for interoperability, documenting design patterns is poised to become an important part of secure programming processes for VoIP.",

keywords = "Internet telephony, Secure traversal of firewalls and NATs, Security design patterns, Threat modeling, VoIP security",

author = "Zahid Anwar and William Yurcik and Johnson, {Ralph E.} and Munawar Hafiz and Campbell, {Roy H.}",

year = "2006",

doi = "10.1109/.2006.1629443",

language = "English (US)",

isbn = "1424401976",

series = "Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference",

pages = "485--492",

booktitle = "25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006",

note = "25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006 ; Conference date: 10-04-2006 Through 12-04-2006",

}

TY - GEN

T1 - Multiple design patterns for Voice over IP (VoIP) security

AU - Anwar, Zahid

AU - Yurcik, William

AU - Johnson, Ralph E.

AU - Hafiz, Munawar

AU - Campbell, Roy H.

PY - 2006

Y1 - 2006

N2 - Design patterns capture software solutions to specific problems that have evolved over time and reflect many iterations of work. Documenting such patterns promotes proven design and software reuse. There has been a growing amount of work documenting design patterns for security, however, little work specific to VoIP security. In 2005 NIST released a report on recommendations and best practices for securing VoEP, however it lacks the structure, terminology, and ease-of-understanding needed for both technical and non-technical audiences that is an inherent feature of design patterns. In this paper we document three design patterns for VoIP implementations related to specific security problems: (1) secure traversal of firewalls and NATs; (2) detecting and mitigating DDoS attacks; and (3) securing against eavesdropping. With many VoIP vendors rushing products to market with overlapping functionality and requirements for interoperability, documenting design patterns is poised to become an important part of secure programming processes for VoIP.

AB - Design patterns capture software solutions to specific problems that have evolved over time and reflect many iterations of work. Documenting such patterns promotes proven design and software reuse. There has been a growing amount of work documenting design patterns for security, however, little work specific to VoIP security. In 2005 NIST released a report on recommendations and best practices for securing VoEP, however it lacks the structure, terminology, and ease-of-understanding needed for both technical and non-technical audiences that is an inherent feature of design patterns. In this paper we document three design patterns for VoIP implementations related to specific security problems: (1) secure traversal of firewalls and NATs; (2) detecting and mitigating DDoS attacks; and (3) securing against eavesdropping. With many VoIP vendors rushing products to market with overlapping functionality and requirements for interoperability, documenting design patterns is poised to become an important part of secure programming processes for VoIP.

KW - Internet telephony

KW - Secure traversal of firewalls and NATs

KW - Security design patterns

KW - Threat modeling

KW - VoIP security

UR - http://www.scopus.com/inward/record.url?scp=33751052258&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33751052258&partnerID=8YFLogxK

U2 - 10.1109/.2006.1629443

DO - 10.1109/.2006.1629443

M3 - Conference contribution

AN - SCOPUS:33751052258

SN - 1424401976

SN - 9781424401970

T3 - Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference

SP - 485

EP - 492

BT - 25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006

T2 - 25th IEEE International Performance, Computing, and Communications Conference, 2006, IPCCC 2006

Y2 - 10 April 2006 through 12 April 2006

ER -

Multiple design patterns for Voice over IP (VoIP) security

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this