Voice over IP
1 like555 views
This document discusses security issues related to Voice over Internet Protocol (VoIP). It begins by explaining what VoIP is and some of its early implementations. It then describes the basic protocols and protocol stacks used for VoIP signaling and sessions, including H.323, SIP, and RTP. The document outlines various roles in VoIP systems, such as administrators and operators. It identifies common attacks against VoIP networks like theft of service, man-in-the-middle attacks, IP spoofing, and denial-of-service attacks. It concludes that VoIP inherits security vulnerabilities from the Internet and that encryption, authentication, firewalls, and separating voice and data traffic are needed to secure VoIP networks.
Voice over IP
- 1. Voice over Internet protocol (VoIP) Security: Dawit T.Haile April 27, 2015
- 2. VoIP Basics VoIP defines as the transport of voices as packets over IP based network or internet. VoIP is result of experimental Network voice protocol invented by ARPANET in 1973. Vocaltec brought to the market the first Internet phone software called Internet Phone.
- 3. VoIP Basics These early applications of VoIP were marked by poor sound quality and connectivity. The steps and principles involved in originating VoIP telephone calls are similar to traditional telephony system. VoIP services convert your voice into a digital signal (packets of data) that travels over the IP based Network or Internet. VoIP inherits the internet’s security issues.
- 4. VoIP signalling Protocol Voice over IP has been implemented in various ways using both proprietary protocols and protocols based on open standards. VoIP signalling protocols are divided into two categories: 1.Session Control Protocols 2.Media Control Protocols 1.Session Control Protocols are responsible for the establishment, preservation and tearing down of call sessions. 2.Media Control Protocols are responsible for the creation and tearing down of media connections.
- 5. VoIP signalling Protocol Stack
- 6. Some of the VoIP Protocols H.323 Session Initiation Protocol (SIP) Media Gateway Control Protocol (MGCP) H.248 (also known as Media Gateway Control (Megaco)) Real-time Transport Protocol (RTP) Real-time Transport Control Protocol (RTCP) Secure Real-time Transport Protocol (SRTP) Session Description Protocol (SDP) Skype protocol
- 7. H.323 Protocols The H.323 protocol was one of the first VoIP protocols that found widespread implementation for long- distance traffic, as well as LAN services. H.323 Protocols: defines the protocols to provide audio visual communication sessions on any IP based network. used for transporting voice, video and data communication in IP based network. Supports Secure Real-Time protocol (SRTP) for media confidentiality, and Multimedia Internet Keying (MIKEY) for key exchange.
- 9. Session Initiation Protocol (SIP) SIP is an application-layer control (signalling) protocol used for creating, modifying and terminating sessions with one or more participants. The most common applications of SIP are in Internet telephony for voice and video calls, as well as instant messaging over IP networks. Session management provides the ability to control the attributes of an end-to-end call SIP is gaining more acceptance in the network telephony market
- 10. Session Initiation Protocol (SIP) The main components of SIP-based systems are user agents and servers: User Agents (UAs), are combinations of User Agent Clients (UAC) and User Agent Servers (UAS). A UAC is responsible for initiating a call by sending a URL addressed INVITE to the intended recipient A UAS receives requests and sends back responses.
- 11. Session Initiation Protocol (SIP)
- 12. ROLES IN A BASIC VOIP MODEL The VoIPSA aims to define the security threats against VoIP deployments, services, and end users. Internal Roles 1. Administrator. This role is responsible for maintaining the VoIP network perimeter and auditing the VoIP system in order to monitor user activities. 2. Auditor. This role is responsible for performing audit logs to verify the integrity of the VoIP system. 3. Operator is responsible of protecting the system from being compromised, so that each voice call can be accounted to the appropriate user.
- 13. ROLES IN A BASIC VOIP MODEL External Roles 1. Remote subscriber are users such as employees who occasionally work from home. 2. Law Enforcement Agent is a legal agent who redirects duplicated media packets to law enforcement, for the purpose of wiretapping.
- 14. ATTACKS AGAINST THE VOIP NETWORK Attacks when making/receiving a VoIP Call Theft of service is the ability of a malicious user to place fraudulent calls. this attack. This against the service provider. Man-in-the-middle attacks or Call Interception, VoIP is particularly vulnerable to man-in-the-middle attacks, in which the attacker intercepts call-signalling SIP message traffic and masquerades as the calling party to the called party, or vice versa. IP Spoofing, occurs when a hacker inside or outside a network impersonates a trusted computer. .
- 15. ATTACKS AGAINST THE VOIP NETWORK Repudiation attacks can take place when two parties talk over the phone and later on one party denies that the conversation occurred. Call Hijacking or Redirect attacks could replace a voice mail address with a hacker-specified IP address, opening a channel to the hacker. Denial-of-service (DoS) attacks prevent legitimate users of a network from accessing the features and services provided by the network. Call tampering (Signal protocol tampering) Call tampering is an attack which involves tampering a phone call in progress. Attacks against Softphones occur because as they reside in the data VLAN, they require open access to the voice VLAN in order to access call control, place calls to IP phones, and leave voice messages.
- 16. ATTACKS AGAINST THE VOIP NETWORK B. Registration attacks Brute Force attacks are simply an attempt to try all possible values when attempting to authenticate with a system or crack the crypto key used to create cipher text. Reflection attacks are specifically aimed at SIP systems. It may happen when using http digest authentication (i.e. challenge-response with a shared secret) for both request and response. The IP Spoofing attacks described earlier can also be classified as registration attacks.
- 17. CONCLUSION VoIP has inherited a number of Internet vulnerabilities exploited by malicious person which pose a latent threat to network infrastructures. To defeat VoIP security threats, a well-structured plan needs to be devised. The plan should include voice encryption, authentication, voice-specific firewalls, and separation of data and voice traffic. It is also important that the voice servers and the other components of VoIP networks stay physically secure from intruders.
- 18. THANK YOU!