Method for ensuring information security of a VOIP telephony network with a forecast of an intruder's intrusion strategy

Abstract

Introduction: the development of technologies in the field of information and telecommunications, as well as the unification of networks, and in particular the construction of distributed VoIP telephony networks, allow us to formulate the problem that the known methods of managing the protection of VoIP networks are not effective enough in modern conditions, since they take into account only one side of the information confrontation. Purpose: To develop a method for ensuring the information security of a VoIP telephony network, which allows to increase the probability of VoIP network security by reducing the time required for analyzing the actions of the violator, analyzing and processing risks under the influence of the violator. Results: Based on the proposed structure of an information security management system integrated into a VoIP network, a method for ensuring the information security of a VoIP telephony network under the influence of an intruder has been developed by introducing decision-making support processes in the VoIP network information security management system using intelligent intrusion detection tools distributed across segments. This method allows you to build a graph of events of the intruder's actions, on the basis of which mathematical modeling of MiTM and SPIT attacks on the VoIP telephony network is carried out. As a result of the simulation, the dependence of the successful impact on the internal and external characteristics of attacks is obtained, which is the main one of the developed software, which allows to obtain the values of the probability of security of the VoIP network from the parameters of the intruder's impact for further selection of adequate measures for managing the information security of the VoIP telephony network. The method includes the processes of analyzing the digital stream and determining the parameters of protocols and profiles of intruder attacks. Practical relevance: The developed method provides an opportunity to study issues aimed at the security of the VoIP-telephony network, which is affected by violators.