Espace membre

Cet espace est dédié aux étudiants, aux enseignants et au personnel administratif de l'école


Mot de passe oublié?



Doctorate thesis defense of Randa Jabeur Ep Ben Chikha

Doctorate thesis defense on November 18th 2016 at 09H00 AM ,in Amphi II, Sup’Com.

Entitled :Protection against unwanted phone calls and risk management in VoIP network

Presented by : Randa Jabeur Ep Ben Chikha 



Pr. Nabil Tabbane

SUP’Com School of Communication Engineering of Tunis





Pr. Anas Abou El Kalam

National School of Applied Sciences of Marrakech


Dr. Rhouma Rhouma

Higher School of Digital Economy of Mannouba



Pr. Sihem Guemara

SUP’Com School of Communication Engineering of Tunis.




Thesis Director

Pr. Adel Bouhoula

SUP’Com School of Communication Engineering of Tunis



Voice over IP (VoIP) is an innovative technology. It is used to make telephone calls and other multimedia streams over the IP protocol. In recent years, VoIP has attracted much commercial interest. Indeed, it offers flexible telecommunications services while reducing operational costs. However, despite these advantages, the VoIP network is target to several threats that exploit different vulnerabilities related to signaling protocols and voice transport, to intermediate devices (proxy, PBX, Registar, etc.) and to terminal equipments (softphone, hardphone). SPIT (SPAM over Internet Telephony) is one of the major threats in VoIP. Thus, various proactive and reactive security mechanisms are needed (intrusion detection or prevention system, filters, honey pot). However, these mechanisms are limited in terms of sensitivity, specificity and impact on the availability and quality of service of VoIP. Furthermore, active recognition software and VoIP equipments are useful to dynamically adapt the VoIP network security level based on existing vulnerabilities and the current state of the network.

The objective of this thesis is to design a VoIP risk management system in order to coordinate tasks among various security equipments. It also allows to dynamically adjust the level of security provided to summarize the current activity of VoIP and to organize security incidents according to their severity.

This thesis is divided into two parts: The first part tackles a severe threat on VoIP called ”SPIT” (Spam over IP Telephony). We deeply study this threat and we provide a detection method based on learning machine. The second part presents a risk management system in a VoIP network. This system relies particularly on the detection method already developed and uses RORI (Return On Investment Response) metrics that ensures the selection of optimal security measure reducing the impact of a given attack without sacrificing the system functionality.


VoIP, SPIT, behavioral based approach, Risk management, RORI