| Summary: | 碩士 === 大同大學 === 資訊工程學系(所) === 100 === Due to the low cost of VoIP, it attracts many companies to introduce the technology into the enterprise for internal use to reduce the cost of communication. However, it is quite often that the user confidential information is stolen. In this case, the hacker may impersonate the user to make high cost calls. The extra telephone charges must be paid by the user. This vulnerability of VoIP has also become a major threat of enterprise information security.
This study first proposes the basic security setting, which is often overlooked, for enterprises to implement the VoIP system in order to avoid hacker attacks. For the situation that the user confidential information is being stolen and the hacker try to impersonate the user to make calls, this study proposes two monitoring rules. One is the detection of suspicious registration message such that we can detect in the early stage whether the hacker want to steal confidential information. Another rule is to detect user abnormal conditions to judge whether the account has been stolen and is used to call the high cost phone.
The proposed rules can detect a problem and send message to notify administrator to process in advance. According to the experimental results, the more messages being collected, the detection rate will get higher.
|
|---|
