VoIP - Threat Taxonomy


[quote=“VoIPSA”]This VoIP Security Threat Taxonomy is meant to define the many potential security threats to VoIP deployments, services, and end users. Part of the challenge of devising effective VoIP security protections requires first identifying these threats in the first place. The overall goal of this project is to help ground VoIP security awareness in the industry, press, and general public.

A core benefit of this Threat Taxonomy is the actual qualification of risks. While some early press accounts have focused on the potential for VoIP spam and VoIP call hijacking, the consensus of learning from this project is that there are many other threats inherited from traditional data networks (worms, DDoS, etc.) that are more likely to occur today.

Next steps in the framework include documenting advanced attacks that are comprised of several basic threats, incorporating a risk metric guide, and developing a matrix that connects to other VOIPSA projects (Security Requirements, Best Practices, Testing, etc.).[/quote]