IP telephony has become a new paradigm that permits to establish and transmit voice communications with IP networks. Its deployment has been accelerated by the standardization of dedicated signaling protocols. However, VoIP services are faced to several security issues which are inherited from the IP layer or specific to the service. A large variety of protection mechanisms are available to deal with them. However, IP telephony is a real-time service which requires high network performance. The application of countermeasures may significantly affect such a critical service. Risk management provides new perspectives for this issue. This thesis deals with the application of risk management in VoIP infrastructures. The first axis consists in the automation of the risk management process in VoIP enterprise network. In this context, we have developed a mathematical model for assessing risk, a set of progressive countermeasures to counter attack- ers and mitigation algorithms that evaluate the risk level and takes the decision to activate a subset of countermeasures. To improve our strategy, we have coupled it with an anomaly detection system based on SVM and a self-configuration mechanism which provides feedback about countermeasure efficiency. The second axis deals with the extension of our adaptive risk strat- egy to P2PSIP infrastructures. We have implemented a specific risk model and a dedicated set of countermeasures with respect to its peer-to-peer nature. For that, we have identified attack sources and established different threat scenarios. We have analysed the RELOAD framework and proposed trust mechanisms to address its residual attacks. Finally, the third axis focuses on VoIP services in the cloud where we have proposed a risk strategy and several strategies to deploy and apply countermeasures.
