Jan. 01, 2006 to Dec. 31, 2006

Low Cost Tools for Secure and Highly Available VoIP Communication Services

SNOCER is a research project supported within the Sixth Framework Programme of the EU Commission. The project acronym stands for "Low Cost Tools for Secure and Highly Available VoIP Communication Services", and as the name indicates the project has a profound emphasis on securing VoIP infrastructure. The solutions investigated in the SNOCER project will lead to the development of security enhancement tools that allow the service provider to monitor the network, detect irregularities such as a denial of service attack or failure of a certain component and taking the appropriate measures to handle these irregularities. These tools will further offer the service provider with the appropriate means for specifying customized rules for enforcing provider specific security policies. Thereby small and medium enterprises entering the VoIP market and aiming at providing VoIP services coupled with their own innovative solutions would be offered effective and yet low cost solutions for securing their VoIP infrastructure and ensuring the reliability and high availability of their services.
The SNOCER project has a duration of 24 months, and started out November 1st 2004. The project has 6 partners.


So far, the standards and products for providing VoIP calls and services have reached a mature state. However, concepts and technologies for securing and ensuring the reliability of VoIP infrastructures are still in its infancy. VoIP technologies are very similar in their nature to web and email services. This due to the fact that VoIP services are based on standardized and open technologies (i.e. SIP, H.323, MEGACO) using servers reachable through the Internet, implemented in software and provided often over general purpose computing hardware. Therefore, such services can suffer from similar security threats in the same manner as Web services. These include denial of service attacks and spam on the one side and unavailability of the services due to network, hardware of software failures on the other.


The SNOCER project will be investigating approaches for overcoming temporal network, hardware and software failures and ensuring the high availability of the offered VoIP services based on low cost distributed concepts. That is instead of relying solely on expensive hardware and multiple network connections as is the case today in PSTN networks, SNOCER will be investigating the possibility of providing highly reliable services based on cooperation between independent providers in a manner ensuring the privacy and security of the customers and providers. In this context denial of service and intrusion detection tools will be developed that allow VoIP providers to monitor their infrastructure, detect irregularities and specify rules and actions that should be automatically executed for handling such cases. This will then be coupled with strategies to achieve high available VoIP infrastructures in a secure and low cost manner.


In the context of SNOCER the main research work will be dedicated on the one hand to protecting the VoIP components of a VoIP provider from attacks and on the other to increasing the availability and reliability of those components. This will involve detecting and identifying attacks on a VoIP infrastructure and enabling the provider to specify rules and policies for dealing with those attacks. Further, to increase the reliability of the system, SNOCER will aim at providing mechanisms allowing the VoIP system to transfer the main functionalities of the VoIP service from one server to the other in a transparent manner. This work will be complemented with an investigation of the interaction between the reliability of the VoIP components and the underlying IP infrastructure.


SNOCER will achieve the following goals:

Solutions for highly available VoIP infrastructures: This part of the work will in the fist stage investigate points of failure of a VoIP infrastructure and provide solutions for achieving highly available components based on distributed architectures. The objectives of this part of the works are thereby:

  • Identify and describe points of failure in a VoIP infrastructure
  • Identify monitoring points and possible alarm utilities for indicating failures and initiating needs recovery mechanisms
  • Provide solutions for supporting high available VoIP infrastructure at low costs

Solutions and tools for secure VoIP infrastructures: This part of the work will concentrate on increasing the availability of VoIP infrastructure by reducing the effects of denial of service attacks. The objectives of this part of the work will thus be:

  • Design and implement a framework for secure VoIP calls to avoid fraud and malicious usage
  • Specify and develop tools for Intrusion and denial of service attack detection
  • Support automatic reaction to security threats based on provider specific rules
  • Integration and testing of developed tools and solutions in a provider’s VoIP infrastructure


  • Aegean University, Greece
  • Embrion, Sweden
  • Nextsoft, Czech Republic
  • Telip, France
  • Voztelecom, Spain