Activities Working Groups.Threat Taxonomy

Threat Taxonomy

Project Leader: Jonathan Zar

This VoIP Security Threat Taxonomy is meant to define the many potential security threats to VoIP deployments, services, and end users. Part of the challenge of devising effective VoIP security protections requires identifying these threats in the first place. The overall goal of this project is to help ground VoIP security awareness in the industry, press, and general public.

A core benefit of this Threat Taxonomy is the actual qualification of risks. While some early press accounts have focused on the potential for VoIP spam and VoIP call hijacking, the consensus of learning from this project is that there are many other threats inherited from traditional data networks (worms, DDoS, etc.) that are more likely to occur today.

Next steps in the framework include documenting advanced attacks that are comprised of several basic threats, incorporating a risk metric guide, and developing a matrix that connects to other VOIPSA projects (Security Requirements, Best Practices, Testing, etc.).

Thank you for contributing.

Download the latest draft

Activities | VOIPSEC | Resources | Membership | About