VoIP network security and forensic models using patterns

Voice over Internet Protocol (VoIP) networks is becoming the most popular telephony system in the world. However, studies of the security of VoIP networks are still in their infancy. VoIP devices and networks are commonly attacked, and it is therefore necessary to analyze the threats against the converged network and the techniques that exist today to stop or mitigate these attacks. We also need to understand what evidence can be obtained from the VoIP system after an attack has occurred.;Many of these attacks occur in similar ways in different contexts or environments. Generic solutions to these issues can be expressed as patterns. A pattern can be used to guide the design or simulation of VoIP systems as an abstract solution to a problem in this environment. Patterns have shown their value in developing good quality software and we expect that their application to VoIP will also prove valuable to build secure systems.;This dissertation presents a variety of patterns (architectural, attack, forensic and security patterns). These patterns will help forensic analysts as well as secure systems developers because they provide a systematic approach to structure the required information and help understand system weaknesses. The patterns will also allow us to specify, analyze and implement network security investigations for different architectures. The pattern system uses object-oriented modeling (Unified Modeling Language) as a way to formalize the information and dynamics of attacks and systems.