
Security of Voice-over-IP - Report Example


Extract of sample "Security of Voice-over-IP"

SECURITY OF VoIP

1. Introduction

The primary appeal of Voice-over-IP is its ability to save money for customers as well as service providers. It is thought to be very cost-effective. Desirable new applications and the bypassing of the switched telephone network, with all its toll charges, are driving interest higher. However, the deployment of VoIP, like any other technology, has its downside. VoIP is an offspring of the Internet and consequently inherits all the vulnerabilities of the parent network. Moreover, the Internet is less reliable than the traditional telephone system for connection, and this is the reason why VoIP does not provide the high-quality, uninterrupted voice transmissions that businesses require over the telephone. Other problems associated with VoIP implementation are packet loss and fragmentation, and the delay, latency, and jitter that go with them. Although these are directly considered as threats to security, they certainly affect the confidentiality and reliability of VoIP systems. The following sections provide an overview and discuss various vulnerabilities and mitigation techniques in securing a VoIP network.

2. VoIP Protocol Standard

Voice-over-IP, or simply VoIP, is commonly known to deliver voice messages or voice traffic using the Internet Protocol and is the “leading trend all over the world” (Goldberg 2005, p.1). It is a set of protocols and standards that facilitates the transmission of voice at the network layer of the TCP/IP protocol. It is usually done by digitizing analogue voice signals through a digital signal processor (DSP) and compressing and decompressing the signals to reduce the bandwidth or transmission rate (Tipton & Krause, 2004, p.139). Voice communication using WLAN technology as an access network is a promising alternative to cellular networks such as 2G and 3G (Zhang et al. 2006). A few of its benefits are cost savings, open standards, multi-vendor interoperability, and integrated voice and data services (Palmieri 2006, p.289).
However, since VoIP, “a packet-based technology” (DiMarsico et al., 2002, p.143), operates in a different way compared to the traditional telephone network, the physical location of clients is not fixed and enormous flexibility is needed to provide enhanced services to end users. For this reason, strong authentication is essential to enable accurate authorization of service use. Since privacy and security are obligatory requirements in any telephony system and service network, these confidentiality and security matters are, according to Palmieri (2006), considered a “major barrier” (p.289) that could prevent deployment of VoIP technologies on a wider scale.

Created by the International Telecommunication Union (ITU), H.323 is one of the three well-known VoIP protocol standards. This standard provides guidelines for real-time, interactive videoconferencing, data sharing, and audio applications such as IP telephony. However, the H.323 protocol does not include the LAN and the transport layer that interconnects LAN segments, as it applies only to either point-to-point or multipoint sessions. The MGCP, or Media Gateway Control Protocol, designed exclusively for telephony gateways, is another VoIP protocol standard that provides guidelines for control, signalling, and processing skills on telephony gateways. It is a master/slave protocol where commands sent by call agents that are implementing the signalling layers of H.323 are executed (Kaeo, 2003, p.186). Defined in RFC 3261, the SIP or Session Initiation Protocol, initially published in 2001 for the purpose of altering and terminating IP sessions in a network (Yongfeng et al. 2008, p.1), is considered the primary IETF standard for multimedia conferencing over IP. Unlike H.323, which uses a more traditional circuit-switched approach to signalling, SIP uses ASCII codes that can be used to set up, maintain, and terminate calls between two or more endpoints within the application layer control protocol.
SIP is part of the IETF multimedia data and control architecture that includes RTP protocols for transporting and providing real-time data and quality of service feedback respectively (Kaeo 2006, p.187).

3. Security Issues in Implementing VoIP

Vulnerabilities, if exploited, can severely harm a system or a network, and these weaknesses are not unique to VoIP but affect all networks carrying voice transmissions, regardless of medium. The security of an IP telephone-based network like VoIP depends on a large number of components that include the computer and its operating system, software, modem, telephone, ISPs, etc. Threats to VoIP may be inherited from conventional telephone systems or may come from those components associated with the IP networks or VoIP-specific protocols (Douligeris et al. 2007, p.229).

Some of the most important security requirements of a VoIP service are integrity, privacy, authenticity, and availability or protection from DoS attacks (Davidson et al. 2006, p.221; Gomathi & Bhagyaveni 2008, p.1). Integrity is essential, particularly in VoIP signalling, since it is critical for a recipient to receive the packets without any alteration. A third party must not be able to modify the packets in transit and, similarly, must not be able to read the data, as this can compromise the sender’s and recipient’s privacy. In addition, both parties (sender and recipient) must be authenticated to ensure that the peer they are communicating with is the real one. More importantly, the service must be available at all times, thus DoS attacks should be prevented (Davidson 2006, p.221). For a network to have confidentiality, the information contained, transformed, or transported by that system must not be readable or retrievable by unauthorized entities. The integrity attribute provides reasonable certitude that information contained, transformed, or transported by a system has not been modified by unauthorised entities while in containment, transformation, and transport.
The availability attribute provides a reasonable certitude that information contained, transformed, or transported by a system is at hand and provides a high rate of dependability (Nichols & Lekkas 2006, p.435; Bauman et al. 2006, p.12).

The data-network security risks of IP telephony include attacks that reduce or compromise the functionality of a software system via a buffer or bandwidth overrun. A DoS, or Denial of Service, occurs when an attacker creates certain conditions within a network using specific codes that would trigger a denial of service. There are also types of attack where a third party can monitor, record, block, or alter data transmission, and autonomous software that can travel across the Internet and IP networks and infect vulnerable hosts by replicating itself. Access control on a VoIP network is often the main concern, since limiting access in the name of security may also result in a poor experience or long-term resentment by users (Wallingford, 2005, p.223; Materna 2006, p.1).

Normally, security and privacy concerns are not often associated with communications, but this is not the case with VoIP. This is because enabling voice communication over the Internet faces the same security problems associated with information exchange over the wide area network. Similarly, it also puts computer data applications at risk, as they share the same network. An attack on a vulnerable voice component can spread to other network devices and applications. These include IP PBXs, gateways, servers, and telephones, which are all accessible through the IP network just like any other computing device (Aksoy & DeNardis 2007, p.350). In relation to privacy, private voice conversation over the Internet is vulnerable to interception and monitoring since it cannot be encrypted like data over a network. The reason is the fact that encryption takes time and the quality of voice communication would be severely affected.
The complexity of VoIP goes beyond the variety of protocols and extends to how they interact with security. According to Bates & Gregory (2006), the H.323 protocol makes it difficult to secure voice communication (p.563). For instance, a conventional firewall secures the perimeter by defining specific ports through which traffic may enter, and since H.323 uses both static and dynamic ports for call setup, the firewall must open thousands of dynamic and static ports for voice traffic. Consequently, these open ports would create large holes for hackers to exploit. Moreover, since H.323 data are encoded in binary format, conventional firewalls would find it difficult to parse the message and get information to make security decisions.

VoIP encoding of speech is not inherently secure and, according to Nichols & Lekkas (2001), even though H.323 identifies security features, few manufacturers actually comply (p.435). Moreover, although using low-bandwidth or proprietary vocoders can enhance the intrinsic security of VoIP voice messages, it is only a matter of time until eavesdroppers identify the gateway vendor. Similarly, a knowledgeable network engineer can easily tap into a conversation somewhere in the IP pipe between gateways even if you are using a higher-bandwidth vocoder (p.435).

In reality, there are numerous threats in VoIP and they should be given significant consideration. For instance, spam over VoIP is a latent problem and, just as with email systems, VoIP is vulnerable to spam, or Spam-over-Internet Telephony (SPIT). SPIT can disable the VoIP system, as a user who gets too many annoying calls from spammers would hesitate to use VoIP technology. Unlike receiving spam emails, which does us no harm in terms of quality, spam over Internet telephony delays and degrades the quality of voice considerably (Ahson & Ilyas 2008, p.372).
Another problem is ‘rogue sets’, where malicious VoIP applications can conduct any activities to harm the attacked IP network. A rogue set attack commonly performs a deception for the purpose of gaining access to someone else’s resources and is therefore a security threat to confidentiality, because the intruders get unauthorized access to an IP network (Ahson & Ilyas 2008, p.373).

4. VoIP Vulnerabilities and Attacks

There are kinds of attacks where the intruder attempts to hack into the system or take advantage of vulnerabilities in registration, injecting themselves into the signal path of the VoIP network. These attacks include IP Spoofing, Theft of Service, Reflection Attack, and Brute Force Attack. These attacks can be performed when a person is making or receiving a call. The attacker normally intercepts the route where voice or data packets are being sent. These attacks are classified as Call Hijacking, Eavesdropping, ARP Spoofing, Connection Hijacking, and Signal Protocol Tampering.

Other attacks are not interested in information gathering or access to confidential data. Their intention is simply to deny users the service by isolating the endpoint of the network from the rest of the world through switch jamming and flooding the IP PBX with rogue requests. These types of attacks include SIP INVITE Flood, TCP SYN Flood, and Malicious RTP streams. There are also types of attack that are focused on VoIP components or devices, since they can be affected easily. These attacks are commonly implemented on IP PBXs, soft phones, and IP phones (Rizvi and Dowland 2007, p.115).

Since VoIP is an IP datagram packed with voice information instead of data, it is also subject to the same vulnerabilities as a data-based IP network, including ‘spoofing’. Spoofing occurs when a destination host is attacked via trusted hosts.
The attacker disables and impersonates the trusted host by changing the source address in the IP header, and monitors the packets travelling between the two systems. IP spoofing is just one type of spoofing, as there are also ARP, DNS, and Web spoofing. ARP is a basic Ethernet protocol and manipulation of ARP packets is a “potent and frequent attack mechanism on VoIP networks” (Porter 2006, p.251). And because ARP has no provision that provides authentication for queries or query replies, users can sniff traffic on a switched network via widely available tools and techniques. DNS spoofing corrupts the name service cache of the target network or compromises a DNS server for a valid domain (Ransome & Rittinghouse 2004, p.354). The attacker replaces the valid cached DNS, Service Records, or NS records with ones that point to the intruder’s server by initiating a zone transfer from the intruder’s DNS server to the target’s misconfigured DNS server (Porter 2006, p.249). For instance, the target DNS server would receive a false record for a certain online bank. When the unsuspecting victim tries to browse the bank, he or she will be redirected to the attacker’s website for as long as the bogus records are cached.

Vishing is considered a form of social engineering that combines conventional phishing techniques and the telephone. A typical vishing method includes sending e-mails to users, prompting them to call a number to enter sensitive information. In the same way, more advanced vishing attacks are being done over voice communications, exploiting VoIP solutions and broadcasting services. Vishing is a threat to VoIP for a number of reasons, including scalability, automation of fraud, VoIP telephony spoofing capabilities, and abuse of an emergent market, as voice communication is traditionally more trusted by consumers (Dunham et al. 2008, p.180).
Social engineering tricks can quickly convince naive users to divulge sensitive details, thus it is always best to verify the source or number on the Internet to see whether it is related to previous deceitful activity (Kaeo 2003, p.288). For instance, consider a scenario where a financial officer of a large corporation receives a call from someone posing as part of the IS department and requesting to verify usernames and passwords. An unsuspecting employee may take this as a real and legitimate request and willingly submit his username and password to the intruder. Consequently, the intruder can now use the information to gain access to confidential data and do whatever he wishes for personal gain.

Voice packets are vulnerable to snooping, and a hacker only needs one IP packet monitor sniffing anywhere on the network, intercepting VoIP packets and saving them on a storage device. The most logical way to stop or avoid this modern type of wire-tapping is to encrypt the audio, but it takes time to encrypt and many encryption devices are still too slow for the job. Encryption for VoIP can be signalling encryption, which can provide security over control channels for SIP or H.323 communications. It can also be in the form of media encryption, which provides protection for RTP streams for voice, video, or fax. The principle behind signalling encryption is to keep confidential control information from unauthorized access. Existing SIP standards specify numerous ways to protect signalling, and these include TLS, or Transport Layer Security, which uses a technique similar to that of secure Web connections. However, TLS does not guarantee end-to-end encryption because it runs only over TCP and further needs a certificate infrastructure to work between communicating parties (Thulasiraman et al. 2007, p.99).

Whether intentional or just a coincidence, DoS attacks are the most difficult VoIP-associated threat to defeat.
This is because the packet-switching nature of data networks can allow multiple connections to share one transport medium. Unlike in circuit-switched networks, an IP terminal endpoint can be used to amplify attacks, as it can receive and potentially participate in multiple calls at the same time. In a VoIP network, resources that include bandwidth must be distributed efficiently and equally to accommodate the maximum number of callers. Attackers who aggressively and abusively take a large amount of resources can therefore disrupt or considerably affect the efficiency of the network. Moreover, the intruder can also flood the network with enormous quantities of packets, resulting in complete unavailability of services for all users (Porter 2006, p.258; Gomathi & Bhagyaveni 2008, p.2).

Viruses and worms can also create DoS conditions because of the network traffic produced by these harmful programs. Viruses and worms can replicate themselves and look for other hosts to infect. They are commonly known to cause destruction even in relatively secure and well-maintained computer networks. VoIP is no exception, as by its nature it is also vulnerable to these kinds of attacks. Another problematic attack on VoIP networks is theft of services and information.

5. Mitigating the Risk and Securing VoIP Infrastructure

Keeping a VoIP system secure is essential to preserve the dependability of the network and to have consistently high call quality. Moreover, it can also maintain the privacy of information related to users and their phone calls, and avoid corruption or damage to the overall system. Security measures for a VoIP network, according to Walker & Hicks (2004), should start with the physical security of the facilities and the computers and network inside them.
The second move is to make the necessary changes to the existing network and its core equipment, because there will be numerous IP phones and softphones included in a VoIP deployment and these are potential portals for attack, thus they should be secured. To maintain privacy, the conversation or the voice traffic should be encrypted, but encryption should be carefully implemented, as delay and jitter can affect the quality of voice transmission. Moreover, due to the complexity of VoIP, best practices in management processes, skills, and tools should be practiced and provided (p.254).

It is a common tendency for people to secure their network from intruders, but they are also often very lax in securing servers, which can be directly attacked by other people physically. Physical security, according to Ransome & Rittinghouse (2004), is important to ensure the safety of the data center, the network, and VoIP. This is because a non-encrypted VoIP network is vulnerable to anyone with physical access to the office LAN. These people could connect network-monitoring gadgets and tap into telephone conversations. Physical access to VoIP servers and gateways may allow an attacker to monitor network traffic or compromise the system in a matter of minutes. Thus, if no countermeasures are initiated to mitigate some of the most significant risks, such as the insertion of sniffers or other network monitoring devices, unauthorized monitoring of data and voice communication is always possible. Adequate physical security is very important to restrict access to VoIP network components, and this includes installation of barriers, locks, and access control systems, and deployment of guards (p.236).

“VoIP network security is not a network issue...since there is no such thing as a secure IP network” (Ransome & Rittinghouse 2004, p.257). Sniffing can result in disclosure of confidential information, unprotected user credentials, and the potential for identity theft.
It also allows sophisticated malicious users to collect information about users’ VoIP systems that can be used to mount an attack on other systems or on data that might not otherwise be vulnerable. IP networks differ from circuit-switched networks because information is sent over commonly accessible paths. All the tools needed for sniffing, including H.323 and SIP plug-ins for packet sniffers, are easily accessible on open-source Web sites. In addition, the traditional voice communication platform separates data and voice, which enables the system to maintain voice communication even when the data network fails. In VoIP, an attack could be devastating, as disruption of already congested packet traffic can severely affect the quality of service. In addition, since data packets do not flow over a dedicated connection for the duration of a session, phreakers or hackers could interfere, manipulate the route of packets, and cause delay in certain paths, forcing the packets to take a different path. This occurrence enhances the sniffing vulnerability because a phreaker could detect a preferred location to place a sniffing device. It also enhances the DoS vulnerability, as an attack on a VoIP network can severely diminish the quality of service (Bidgoli 2006, p.34). It is therefore best to ensure the safety of the telephones, conversations, computers, and servers.

Detecting and preventing malicious code attacks is a continuing battle and, according to Ahson & Ilyas (2008), there are a number of measures proposed. For instance, when an intruder performs digital impersonation by adding a set of VoIP applications that would be used to attack the network and spoof the identity of a targeted call participant, VoIP applications can perform a network lock-down mechanism (p.373). In this technique, the network administrator is the only person who can add new sets of VoIP applications, using an administrative password.
In addition, the new VoIP application being added by the intruder will be rejected if more than three entry passwords are entered.

For voice encryption, the most cost-effective way is to use an IPSec VPN. This is because IPSec is widely supported, as it interoperates well with other devices. Moreover, it uses strong and reliable state-of-the-art encryption algorithms. However, it should be tested to ensure that the IPSec stack does not cause considerable delay (Walker & Hicks 2004, p.270). IPSec is a tested security countermeasure that can have negative impacts on converged applications. It is ideal for remote offices that are linked over a shared network from ISPs, or for separating sensitive information in an internal network from the rest of the corporate network traffic. IPSec operates under the SIP layer and permits data transmission over TCP or UDP by setting up a security association between two SIP devices. Once this security association and a set of keys have been set up, IPSec encrypts all traffic associated with the same call to match these keys (Dang et al. 2002, p.237). However, although it would not cause any considerable delay in encrypting network traffic, encrypting IP packets would increase their size, thus more network resources are needed to transport them. In VoIP packets, IPSec considerably increases the size of the UDP VoIP packet, by as much as 63% (Macaulay 2006, p.91). Consequently, network traffic loads would increase and quality of service may be affected. The solution proposed, according to Kuhn et al. (2005), is to apply encryption or decryption at the endpoints alone in the VoIP network, but endpoints are not powerful enough to handle computationally demanding encryption mechanisms. Thus, it is more rational to perform encryption between the endpoint and the router (p.74).
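How the packet growth from IPSec arises can be worked through per packet. The following is an added example, not part of the original essay: it computes the size of one RTP voice packet with and without ESP, and the increase depends on the codec, cipher and mode chosen. Assumptions: IPv4 without options, RTP without CSRC entries, 20 ms packetization, CBC ciphers with HMAC-SHA1-96; all names are hypothetical.

```python
"""Added example: size of one RTP voice packet before and after IPsec ESP."""
from dataclasses import dataclass

IP_HDR, UDP_HDR, RTP_HDR = 20, 8, 12   # minimum header sizes in bytes
ESP_HDR = 8                             # SPI (4) + sequence number (4)
ESP_TRAILER = 2                         # pad-length byte + next-header byte
PACKETS_PER_SEC = 50                    # assumption: 20 ms of audio per packet


@dataclass(frozen=True)
class EspProfile:
    block: int  # cipher block size; the encrypted part is padded to this
    iv: int     # initialization vector carried in every packet
    icv: int    # truncated integrity check value


PROFILES = {
    "3des-cbc + hmac-sha1-96": EspProfile(block=8, iv=8, icv=12),
    "aes-cbc + hmac-sha1-96": EspProfile(block=16, iv=16, icv=12),
}

# Voice payload bytes per packet at 20 ms packetization.
CODEC_PAYLOAD = {"G.711": 160, "G.729": 20}


def clear_size(payload: int) -> int:
    """IP packet size of an unprotected RTP packet."""
    return IP_HDR + UDP_HDR + RTP_HDR + payload


def esp_size(payload: int, profile: EspProfile, tunnel: bool = True) -> int:
    """IP packet size after ESP in tunnel or transport mode."""
    # Tunnel mode encrypts the whole original IP packet and adds a new outer
    # IP header; transport mode encrypts from the UDP header onward.
    inner = clear_size(payload) if tunnel else UDP_HDR + RTP_HDR + payload
    # Padding makes (data + padding + trailer) a multiple of the block size.
    pad = -(inner + ESP_TRAILER) % profile.block
    encrypted = inner + pad + ESP_TRAILER
    return IP_HDR + ESP_HDR + profile.iv + encrypted + profile.icv


def overhead_pct(payload: int, profile: EspProfile, tunnel: bool = True) -> float:
    """Size increase relative to the unprotected packet, in percent."""
    clear = clear_size(payload)
    return round(100.0 * (esp_size(payload, profile, tunnel) - clear) / clear, 1)


def kbps(packet_bytes: int) -> float:
    """IP-layer bandwidth of one call direction at PACKETS_PER_SEC."""
    return packet_bytes * 8 * PACKETS_PER_SEC / 1000


def report() -> list:
    """One row per codec, profile and mode combination."""
    rows = []
    for codec, payload in CODEC_PAYLOAD.items():
        for name, profile in PROFILES.items():
            for tunnel in (False, True):
                size = esp_size(payload, profile, tunnel)
                rows.append((codec, name, "tunnel" if tunnel else "transport",
                             clear_size(payload), size,
                             overhead_pct(payload, profile, tunnel), kbps(size)))
    return rows


if __name__ == "__main__":
    for row in report():
        print("{:6} {:24} {:9} {:4d} -> {:4d} bytes  +{:5.1f}%  {:6.1f} kbit/s".format(*row))
```

Small-payload codecs suffer most: the fixed ESP fields are the same size whether the packet carries 20 or 160 bytes of voice.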
The intention of a DoS attack is to flood or overwhelm the victim’s resources and disrupt the operation, thus a VoIP service must have sufficient capabilities and security mechanisms (Craiger & Shenoi 2007, p.348). Remedies for DoS attacks can include partitioning the logical network at layers 2 and 3, stateful firewalls with application inspection capabilities, policy enforcement to limit flooded packets, and out-of-band management. This is required so that in the event of a DoS attack, management can still monitor the network and respond to other incoming events (Porter 2006, p.258). Another countermeasure proposed by Craiger & Shenoi (2007) is to disable or remove redundant network services, reinforce the operating system, and use a host-based intrusion detection system. Another countermeasure is to ensure that firewalls and IDSs discard huge sequence numbers and rubbish packets. In addition, to ensure that packets are safe, stateful firewalls with newer technologies such as deep packet inspection can analyse the headers and contents of incoming VoIP voice packets (p.352).

VoIP is dependent on many ancillary services for its proper configuration and processes to locate users, manage servers and phones, and to guarantee efficient transport. Moreover, because TFTP, DNS, DHCP, HTTP, SNMP, SSH, and RSVP are all common targets of attacks and exploitation, a VoIP network is always vulnerable. Effective mitigation of these threats is therefore necessary and should be considered part of the security baseline on which an efficient VoIP network depends. These countermeasures should include firewalls, network and system intrusion detection, authentication systems, anti-virus scanners, and other relevant security controls. Since security in IP telephony is more controllable and expandable than in conventional telephony systems, recording and accounting of call details can help provide forensic data when an investigation is required.
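The "policy enforcement to limit flooded packets" remedy listed among the DoS countermeasures above can be sketched as a per-source limit on SIP INVITE requests. This is an added example, not part of the original essay; the class and function names, the thresholds, and the trace (documentation addresses and example.invalid hosts) are constructed for illustration.

```python
"""Added example: per-source sliding-window limit on SIP INVITE requests."""
from collections import Counter, defaultdict, deque


def sip_method(message: str):
    """Return the method of a SIP request, or None for responses and junk."""
    parts = message.split("\r\n", 1)[0].split(" ")
    # Request-Line (RFC 3261): Method SP Request-URI SP SIP-Version
    if len(parts) == 3 and parts[2].startswith("SIP/") and not parts[0].startswith("SIP/"):
        return parts[0]
    return None


class InviteRateLimiter:
    """Allow at most max_invites INVITEs per source within window seconds."""

    def __init__(self, max_invites: int = 5, window: float = 1.0):
        self.max_invites = max_invites
        self.window = window
        self._accepted = defaultdict(deque)  # source -> accepted timestamps

    def allow(self, src_ip: str, message: str, now: float) -> bool:
        if sip_method(message) != "INVITE":
            return True  # only call setup is limited in this sketch
        times = self._accepted[src_ip]
        while times and now - times[0] >= self.window:
            times.popleft()  # forget INVITEs that left the window
        if len(times) >= self.max_invites:
            return False  # over the limit: drop and count for alerting
        times.append(now)
        return True


def make_request(method: str) -> str:
    """Build a minimal, constructed SIP request for the trace below."""
    return (f"{method} sip:bob@example.invalid SIP/2.0\r\n"
            "Via: SIP/2.0/UDP client.example.invalid;branch=z9hG4bKconstructed\r\n"
            "Content-Length: 0\r\n\r\n")


def constructed_trace() -> list:
    """(time, source, message) tuples: one flooding source, one normal phone."""
    flood = [(i * 0.025, "192.0.2.10", make_request("INVITE")) for i in range(20)]
    normal = [(0.10, "198.51.100.7", make_request("INVITE")),
              (0.20, "198.51.100.7", make_request("REGISTER")),
              (0.90, "198.51.100.7", make_request("INVITE"))]
    late = [(1.20, "192.0.2.10", make_request("INVITE"))]
    return sorted(flood + normal + late, key=lambda event: event[0])


def replay(trace: list, limiter: InviteRateLimiter):
    """Feed a trace through the limiter; return drops per source and decisions."""
    dropped, decisions = Counter(), []
    for now, src, message in trace:
        ok = limiter.allow(src, message, now)
        decisions.append(ok)
        if not ok:
            dropped[src] += 1
    return dropped, decisions


if __name__ == "__main__":
    drops, _ = replay(constructed_trace(), InviteRateLimiter())
    for src, count in drops.items():
        print(f"ALERT {src}: {count} INVITEs dropped over limit")
```

A per-source table like this grows with the number of distinct source addresses, so a deployment needs a cap or expiry on tracked sources, and it does not help against floods from spoofed addresses over UDP.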
A well-organized dialling plan could also help to prevent anonymous abuse. Similarly, user credentials and authentication can greatly improve the security of IP telephony applications. Hashing to hide passwords from casual observation is a good security measure, since most SIP implementations accommodate authentication of endpoints with MD5-based encrypted credentials. Media encryption has the potential to thwart any attempt to eavesdrop on or monitor VoIP conversations. More importantly, maintaining software can reduce the likelihood of infection from viruses and worms that can exploit known network vulnerabilities. It is important to harden VoIP servers, remove unnecessary software, and optimize local firewall policy. Intrusion prevention, testing of vulnerabilities, and cautious monitoring of logs should be standard practice (Wallingford 2005, p.245).

Last, and often the least distinct aspect of security, is trust, which, according to Traynor et al. (2008), is the ‘expectation of a principal to act in an anticipated manner’ (p.11). We need to know whom we trust, and thus assessment of trust is critical in the development of a rational security strategy. One of the several components of a VoIP infrastructure that must be evaluated to determine the associated risk is the human factor (Tipton & Krause 2004, p.144). This is because malicious insiders and security policies are all part of the human factor. It refers to matters and conditions where company policy and guidelines provide the most basic defense and control. It is also significant in situations and environments where people can do some malicious activity that can result in malfunctioning or complete destruction of a system.
For instance, although there is an existing policy that prohibits the use of test equipment on a production network with voice traffic, a user who needs an immediate traffic volume may find it convenient to utilize the particular network and unintentionally flood the network with traffic. It is clear, therefore, that for as long as the system allows an activity, intentional or unintentional, it is always possible that malicious and destructive activities can occur.

6. Conclusion and Future Direction

Similar to other technologies, deployment of VoIP has its share of problems. VoIP, as an Internet-based technology, inherited almost all the vulnerabilities of the parent network. Privacy and security are the major barrier to VoIP implementation on a wider scale. This is because the most important requirements of a VoIP service are integrity, privacy, authenticity, and availability. The security of VoIP relies on a number of components, and vulnerabilities may come from these components. If exploited, vulnerabilities inherent in VoIP can severely harm the network. These attacks can be in the form of intrusions that include IP Spoofing, Theft of Service, Reflection Attack, Brute Force Attack, Call Hijacking, Eavesdropping, ARP Spoofing, Viruses and Worms, DoS attacks, and many others. Keeping the VoIP infrastructure safe is therefore essential, and some of the mitigating measures should include security of the facilities, changes in the network and its components to accommodate numerous IP phones, voice packet encryption without degrading the quality of service, regular software updates and maintenance, and development of a rational security strategy.

Reference List:

Aksoy P. & DeNardis L. (2007). Information Technology in Theory. Canada: Cengage Press.
Bates R. & Gregory D. (2006). Voice & Data Communications Handbook. US: McGraw-Hill Professional.
Baumann R., Cavin S., & Schmid S. (2006). Voice Over-IP- Security and SPIT. Retrieved June 21, 2009 from http://www.schmiste.ch/wk06.pdf
Craiger P. & Shenoi S. (2007). Advances in digital forensics III: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, January 28-January 31, 2007. US: Springer.
Dang L., Jennings C., & Kelly D. (2002). Practical VoIP using VOCAL. US: O'Reilly.
Davidson J., Peters J., Bhatia M., Kalidindi S., & Mukherjee S. (2006). Voice over IP Fundamentals. US: Cisco Press.
DiMarsico B., Phelps T., Yarberry W., & Moore W. (2002). Telecommunications Cost Management. US: CRC Press.
Douligeris C. & Serpanos D. (2007). Network Security: Current Status and Future Directions. US: John Wiley & Sons.
Dunham K., Fogie S., Abu-Nimeh S., & Becher M. (2008). Mobile Malware Attacks and Defense. US: Syngress.
Elleithy K., Sobh T., Mahmood A., Iskander M., & Karim M. (2006). Advances in Computer, Information and Systems Sciences, and Engineering: Proceedings of IETA 2005, TeNe 2005 and EIAE 2005. US: Springer.
Endler D. & Collier M. (2006). Hacking exposed VoIP: voice over IP security secrets & solutions. US: McGraw-Hill Professional.
Goldberg M. (2005). Regulating Voice over IP: A solution for the CRTC. Retrieved June 15, 2009 from http://www.mhgoldberg.com/VoIP.pdf
Gomathi S. & Bhayaveni M.A. (2008). Secured on Demand Position Based Private Routing Protocol for Mobile Ad hoc Network (SO2P). Journal of Computer Science, Informatics & Electrical Engineering, Volume 2, Issue 1, 2008. Retrieved June 24, 2009 from http://www.scientificjournals.org/journals2008/articles/1333.pdf
Kaeo M. (2003). Designing Network Security: A Practical Guide to Creating a Secure Network Infrastructure. US: Cisco Press.
Kuhn R., Walsh T., & Fries S. (2005). Security Considerations for Voice Over IP Systems: Recommendations of the National Institute of Standards and Technology. Retrieved June 15, 2009 from http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf
Macaulay T. (2006). Securing Converged IP Networks. US: CRC Press.
Materna B. (2006). Understanding Voice-Over-IP (VoIP) Security. US: VoIP Shield Systems. Retrieved June 20, 2009 from http://www.voipshield.com/media/ISSA_Understanding_VoIP_Security.pdf
Nichols R. & Lekkas P. (2001). Wireless Security: Models, Threats, and Solutions. US: McGraw-Hill Professional.
Palmieri F. (2006). Improving Authentication in Voice Over IP Infrastructures. In K. Elleithy et al. (eds), Advances in Computer, Information and System Sciences, and Engineering. Italy: Springer, 2006, p.289-296.
Porter T. (2006). Practical VoIP security. US: Syngress.
Rizvi S. & Dowland P. (2007). VoIP Security Threats and Vulnerabilities. Advances in Networks, Computing and Communications 4, Proceedings of the MSc/MRes Programmes from the School of Computing, Communications and Electronics, 2005-2006. UK: Lulu.com.
Thulasiraman P., He X., & Li Xu T. (2007). Frontiers of High Performance Computing and Networking - ISPA 2007 Workshops: ISPA 2007 International Workshops SSDSN, UPWN, WISH, SGC, ParDMCom, HiPCoMB, and IST-AWSN, Niagara Falls, Canada, August 29-31, 2007, Proceedings. Canada: Springer.
Tipton H. & Krause M. (2001). Information Security Management Handbook. US: CRC Press.
Traynor P., McDaniel P., & La Porta T. (2008). Security for Telecommunications Networks. US: Springer.
Walker J. & Hicks J. (2004). Taking Charge of Your VoIP Project: Strategies and Solutions for Successful VoIP Deployments. US: Cisco Press.
Yongfeng H., Tang S., & Yip Y. (2008). A New Security Architecture for SIP Based P2P Computer Networks. Journal of Computer Science, Informatics & Electrical Engineering, Volume 2, Issue 1, 2008. Retrieved June 24, 2009 from http://www.scientificjournals.org/journals2008/articles/1396.pdf
Zhang Y., Hu H., & Fujise M. (2006). Resource, Mobility, and Security Management in Wireless Networks and Mobile Communications. US: CRC Press.
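
Section 5 notes that most SIP implementations authenticate endpoints with MD5-based credentials. The following added example, not part of the original essay, shows the registrar-side check of such a Digest response as defined for HTTP Digest and reused by SIP; the function names, the user alice and the example.invalid realm are constructed for illustration.

```python
"""Added example: registrar-side check of a SIP Digest (MD5) response."""
import hashlib
import hmac
import re


def _md5(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def ha1(username: str, realm: str, password: str) -> str:
    """Value the server stores in place of the clear-text password."""
    return _md5(f"{username}:{realm}:{password}")


def parse_digest(header_value: str) -> dict:
    """Parse 'Digest key="value", key=value, ...' into a dict."""
    scheme, _, rest = header_value.strip().partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest credential")
    pairs = re.findall(r'(\w+)=(?:"([^"]*)"|([^\s,]+))', rest)
    return {key.lower(): quoted or bare for key, quoted, bare in pairs}


def expected_response(stored_ha1: str, method: str, p: dict) -> str:
    """Recompute the response hash from the stored HA1 and header fields."""
    ha2 = _md5(f"{method}:{p['uri']}")
    if p.get("qop") == "auth":
        return _md5(f"{stored_ha1}:{p['nonce']}:{p['nc']}:{p['cnonce']}:auth:{ha2}")
    return _md5(f"{stored_ha1}:{p['nonce']}:{ha2}")  # form without qop


def verify(header_value: str, method: str, ha1_store: dict, issued_nonces: set) -> bool:
    """True only for a known user, a nonce this server issued, and a matching hash."""
    try:
        p = parse_digest(header_value)
        stored = ha1_store.get((p["username"], p["realm"]))
        if stored is None or p["nonce"] not in issued_nonces:
            return False
        expected = expected_response(stored, method, p)
        # Constant-time comparison of the two hex strings.
        return hmac.compare_digest(expected.encode(), p["response"].encode())
    except (KeyError, ValueError):
        return False  # malformed or incomplete credentials


def client_header(username, realm, password, method, uri, nonce) -> str:
    """What a phone would send; used here only to build the constructed demo."""
    fields = {"uri": uri, "nonce": nonce}
    response = expected_response(ha1(username, realm, password), method, fields)
    return (f'Digest username="{username}", realm="{realm}", nonce="{nonce}", '
            f'uri="{uri}", response="{response}"')


if __name__ == "__main__":
    # Constructed sample: one provisioned user and one outstanding challenge.
    store = {("alice", "example.invalid"): ha1("alice", "example.invalid", "constructed-pw")}
    nonces = {"constructed-nonce-0001"}
    good = client_header("alice", "example.invalid", "constructed-pw",
                         "REGISTER", "sip:example.invalid", "constructed-nonce-0001")
    bad = client_header("alice", "example.invalid", "wrong-guess",
                        "REGISTER", "sip:example.invalid", "constructed-nonce-0001")
    print("valid credentials:", verify(good, "REGISTER", store, nonces))
    print("wrong password:  ", verify(bad, "REGISTER", store, nonces))
```

The stored HA1 value and a captured response are both usable for offline password guessing, so this scheme hides the password from casual observation only; a real registrar also expires nonces rather than keeping them in a permanent set.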

The MGCP or Media Gateway Control Protocol, designed exclusively for telephony gateways, is another VoIP protocol standard that provides guidelines for control, signalling, and processing skills on telephony gateways. It is a master/slave protocol in which commands sent by call agents implementing the signalling layers of H.323 are executed (Kaeo, 2003, p.186). Defined in RFC 3261, the SIP or Session Initiation Protocol, initially published in 2001 for the purpose of altering and terminating IP sessions in a network (Yongfeng et al. 2008, p.1), is considered the primary IETF standard for multimedia conferencing over IP.

Unlike H.323, which uses a more traditional circuit-switched approach to signalling, SIP is an application-layer control protocol that uses ASCII codes, which can be used to set up, maintain, and terminate calls between two or more endpoints. SIP is part of the IETF multimedia data and control architecture that includes RTP protocols for transporting and providing real-time data and quality of service feedback respectively (Kaeo 2006, p.187).

3. Security Issues in Implementing VoIP

Vulnerabilities, if exploited, can severely harm a system or a network, and these weaknesses are not unique to VoIP but affect all networks carrying voice transmissions, regardless of medium.

The security of an IP telephone-based network like VoIP depends on a large number of components that include the computer and its operating system, software, modem, telephone, ISPs, etc. Threats to VoIP may be inherited from conventional telephone systems or may come from those components associated with the IP networks or VoIP specific protocols (Douligeris et al. 2007, p.229). Some of the most important security requirements of a VoIP service are integrity, privacy, authenticity, availability or protection from DoS attacks (Davidson et al. 2006, p.221; Gomathi & Bhagyaveni 2008, p.1). Integrity is essential particularly in VoIP signalling since it is critical for a recipient to receive the packets without any alteration.

A third party must not be able to modify the packets in transit and, similarly, must not be able to read the data, as this can compromise the sender's and recipient's privacy. In addition, both parties (sender & recipient) must be authenticated to ensure that the peer they are communicating with is the real one. More importantly, the service must be available at all times, thus DoS attacks should be prevented (Davidson 2006, p.221). For a network to have confidentiality, the information contained, transformed, or transported by that system must not be readable or retrievable by unauthorized entities.
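An added example, not part of the original paper: because SIP signalling is plain ASCII text, a receiver can only detect an in-transit alteration if the message carries a keyed integrity tag. The HMAC-SHA256 scheme, the pre-shared key and the sample INVITE below are assumptions constructed for illustration, not the protection mechanism SIP itself specifies.

```python
import hashlib
import hmac

# Constructed sample: a minimal SIP INVITE (all addresses and IDs are made up).
SAMPLE_INVITE = (
    "INVITE sip:bob@example.org SIP/2.0\r\n"
    "Via: SIP/2.0/UDP pc1.example.com;branch=z9hG4bK776asdhds\r\n"
    "From: <sip:alice@example.com>;tag=1928301774\r\n"
    "To: <sip:bob@example.org>\r\n"
    "Call-ID: a84b4c76e66710@pc1.example.com\r\n"
    "CSeq: 314159 INVITE\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

def parse_sip(raw):
    """Split a SIP request into (method, request_uri, headers dict)."""
    head, _, _body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, uri, version = lines[0].split(" ", 2)
    if version != "SIP/2.0":
        raise ValueError("not a SIP/2.0 request")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, uri, headers

def seal(raw, key):
    """Hex HMAC-SHA256 tag over the whole message (assumed scheme)."""
    return hmac.new(key, raw.encode("ascii"), hashlib.sha256).hexdigest()

def verify(raw, tag, key):
    """Constant-time check that the message still matches its tag."""
    return hmac.compare_digest(seal(raw, key), tag)

def demo():
    key = b"constructed-demo-key"  # hypothetical pre-shared key
    tag = seal(SAMPLE_INVITE, key)
    # Simulate an in-transit alteration of a single header value.
    tampered = SAMPLE_INVITE.replace("To: <sip:bob@", "To: <sip:carol@")
    return {
        "method": parse_sip(SAMPLE_INVITE)[0],
        "original_ok": verify(SAMPLE_INVITE, tag, key),
        "tampered_ok": verify(tampered, tag, key),
        "wrong_key_ok": verify(SAMPLE_INVITE, tag, b"other-key"),
    }
```

The tampered message still parses as a well-formed INVITE, so only the tag check, not the parser, reveals the change.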

The integrity attribute provides reasonable certitude that information contained, transformed, or transported by a system has not been modified by unauthorised entities while in containment, transformation, or transport. The availability attribute provides a reasonable certitude that information contained, transformed, or transported by a system is at hand and provides a high rate of dependability (Nichols & Lekkas 2006, p.435; Bauman et al. 2006, p.12). The data-network security risks of IP telephony include attacks that reduce or compromise the functionality of a software system via a buffer or bandwidth overrun.

The DoS or Denial of Service occurs when an attacker creates certain conditions within a network using specific codes that would trigger a denial of service. There are also types of attack where a third party can monitor, record, block, or alter data transmission, and autonomous software that can travel across the Internet and IP networks and infect vulnerable hosts by replicating itself. Access control on a VoIP network is often the main concern since limiting access in the name of security may also result in a poor experience or long-term resentment by users (Wallingford, 2005, p.223; Materna 2006, p.1). Normally, security and privacy concerns are not often associated with communications but this is not the case with VoIP.
