UPM Institutional Repository

VoIP evidence model: a new forensic method for investigating VoIP malicious attacks


Ibrahim, Mohammed and Abdullah @ Selimun, Mohd Taufik and Dehghantanha, Ali (2012) VoIP evidence model: a new forensic method for investigating VoIP malicious attacks. In: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 26-28 June 2012, Kuala Lumpur, Malaysia. (pp. 201-206).


Although the invention of Voice over Internet Protocol (VoIP) in communication technology created significant attractive services for its users, it also brings new security threats. Criminals exploit these security threats to perform illegal activities such as VoIP malicious attacks, this will require digital forensic investigators to detect and provide digital evidence. Finding digital evidence in VoIP malicious attacks is the most difficult task, due to its associated features with converged network. In this paper, a Model of investigating VoIP malicious attacks is proposed for forensic analysis. The model formalizes hypotheses through information gathering and adopt a Secure Temporal Logic of Action(S-TLA+) in the process of reconstructing potential attack scenario. Through this processes, investigators can uncover unknown attack scenario executed in the process of attack. Subsequently, it is expected that the findings of this paper will provide clear description of attacks as well as generation of more specified evidences.

Download File

[img] PDF
31691.pdf - Published Version
Restricted to Repository staff only

Download (1MB)

Additional Metadata

Item Type: Conference or Workshop Item (Paper)
Divisions: Faculty of Computer Science and Information Technology
DOI Number: https://doi.org/10.1109/CyberSec.2012.6246116
Publisher: IEEE
Notes: Full text are available at Special Collection Division Office.
Keywords: Voice over IP; Malicious attack; Investigation; Evidence Generation; SIP; S-TLA+; Scenario fragment
Depositing User: Erni Suraya Abdul Aziz
Date Deposited: 04 Aug 2014 00:36
Last Modified: 07 Jun 2016 08:46
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.1109/CyberSec.2012.6246116
URI: http://psasir.upm.edu.my/id/eprint/31691
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item