Here we collect articles related to VoIP Security analysis: studies, academic publications, news articles, our own design perspective articles, and importantly security auditing tools. The material referred to from this page is published by third parties and does represent their views.
OUR ARTICLES ON SECURITY DESIGN
requires specialisation. We think this argument counts even more in the security realm where complexity invites attackers to find security holes and makes audits more difficult. As VoIP is currently one of the most complex protocols, we think specialised VoIP solutions are the right choice and security is best served by a professional service operated by experts in a cloud. This is why we focus on implementing VoIP security by Analytics as a Services tools.
has not been the part of the Internet architecture from early on. When it began to catch up, it changed many aspects of the Internet architecture. Today, Software-Defined-Networks and manageable security devices help to answer dynamically to security threats and reduce Time-To-Respond. See our view how middleboxes emerged. Our software architecture aims to be highly effective even in the age of cloud and encryption by correlating various sources of data and generating automated security response.
Intuition + Data + Algorithms
is what makes a program today. We put a parallel to Niklaus Wirth's equations from seventies that placed an equation between Programs and Data + Algorithms. We think the shift from Data to Big Data needs to be compensated on the Algorithm side of the equation by something stronger: that is Algorithms specialised on looking for a needle in haystack. We think that is exactly what Intuition is. We create software that implements intuition and helps to find abnormal network conditions that are hard to find otherwise.
has been fueling innovation in the past two decades. Importantly for us, shift to cloud has created credible business models for open-source companies. See how we perceive the evolution of open-source business model in the past two decades. We keep using open-source for building our software and disclose source code publicly with our commercially licensed software, while keeping the primary focus on offering a complete and comprehensive cloud service.
VULNERABILITY REPORTS AND INCIDENT ANALYSIS
2015: CAIDA: Analysis of a "/0" Stealth Scan from a Botnet
SIP SECURITY TOOLS AND SERVICES
CESNET: SIP Penetration Tests
SIP Vicious Penetration tool
Mr. SIP-based Audit and Attack Tool
ApiBan - Reputation Site
2021: Intuitive's Jiri Kuthan on ClueCon
2020: Sandro Gauci: Offensive Security
2022, Jan 11: Intuitive Labs: the intuitive VoIP analytics service received Cybersecurity Excellence Award from TMCNet
2021, Oct 28: Intuitive Labs: sipcmbeat, SIP security analytics probe, released
2020: Adrian Taylor: The most famous DDoS Attacks in History
2019 (DE): Fabian A. Scherschel: VoIP Sicherheitslücken: Viele Büro Telefonanlagen grundlegend unsicher (VoIP security gaps: Many PBXes insecure)
2019: Irwin Lazar: The Threat of Tall Fraud Persists
2019: Vilija Simkiene: Europol survey: Telecom fraud is on the rise
2020: Y.J. Meijaard et al: Predictive Analytics to Prevent Voice overIP International Revenue Sharing Fraud
2019: N. McInnes et al: Analysis of a PBX Toll Fraud Honeypot
2015: M. Gruber et al: Global VoIP security threats - Large scale validation based on independent honeynets
2014: J. Stanek et al: Analyzing Anomalies in Anonymized SIP Traffic
2007: M. Nassar et al: VoIP Honeypot Architecture
WEB ARTICLES AND WHITEPAPERS
2019: Sophos: The Impossible Puzzle of Cybersecurity