A Distributed Voice over Internet Protocol and Public Switched Telephone Network Honeynet Framework
Hanif, Zachary D.
Because of the recent advent of Voice over Internet Protocol (VoIP) technologies, security researchers have had difficulty keeping up with the rapid increase in electronic spam and related security threats. As a response, Lightning Dog was conceived to provide researchers with the tools and framework needed to gather immediate data from the wild, produced by the spammers themselves. As spammers have repeatedly demonstrated that they will attempt to utilize all possible mediums of communication to contact others, the advent of VoIP has provided them with numerous new avenues of propagating their unwanted messages to legitimate users of the communication system. Lightning Dog is based on a three-part system which incorporates baited websites, multiple gathering nodes, and a centralized collection and analysis machine for dissecting and cataloging the captured telephonic spam and attack data. This project is particularly notable because it allows researchers to gather and analyze telephony spam captured on both Voice over Internet Protocol and the Public Switched Telephone Network (PSTN), thereby allowing researchers to correlate any links between the two mediums of spam publication. As researchers are having difficulty quickly capturing data that accurately reflects either of these two areas of telephonic spam, it is the goal of this project to provide an accessible method to resolve that issue. Lightning Dog proposes a honeynet dedicated to capturing and recording VoIP- and PSTN-specific data, allowing researchers easy access to recent attacks that are constructed by telephonic attackers, as opposed to having to rely on out-of-date, third-party, or unreliable information. In this paper, the system is introduced, its specific motivations are explained, and the specific goals and the final design of the system are presented.
Finally, proposed usage and deployment scenarios are presented, along with a review of published related literature and works, and a discussion of the implications and possible future work for this system.