2. VoIP Basics
VoIP defines as the transport of voices as packets
over IP based network or internet.
VoIP is result of experimental Network voice protocol
invented by ARPANET in 1973.
Vocaltec brought to the market the first Internet
phone software called Internet Phone.
3. VoIP Basics
These early applications of VoIP were marked by
poor sound quality and connectivity.
The steps and principles involved in originating VoIP
telephone calls are similar to traditional telephony
system.
VoIP services convert your voice into a digital signal
(packets of data) that travels over the IP based
Network or Internet.
VoIP inherits the internet’s security issues.
4. VoIP signalling Protocol
Voice over IP has been implemented in various
ways using both proprietary protocols and
protocols based on open standards.
VoIP signalling protocols are divided into two
categories:
1.Session Control Protocols
2.Media Control Protocols
1.Session Control Protocols are responsible for the
establishment, preservation and tearing down of
call sessions.
2.Media Control Protocols are responsible for the
creation and tearing down of media connections.
6. Some of the VoIP Protocols
H.323
Session Initiation Protocol (SIP)
Media Gateway Control Protocol (MGCP)
H.248 (also known as Media Gateway Control
(Megaco))
Real-time Transport Protocol (RTP)
Real-time Transport Control Protocol (RTCP)
Secure Real-time Transport Protocol (SRTP)
Session Description Protocol (SDP)
Skype protocol
7. H.323 Protocols
The H.323 protocol was one of the first VoIP protocols
that found widespread implementation for long-
distance traffic, as well as LAN services.
H.323 Protocols: defines the protocols to provide audio
visual communication sessions on any IP based
network.
used for transporting voice, video and data
communication in IP based network.
Supports Secure Real-Time protocol (SRTP) for media
confidentiality, and Multimedia Internet Keying
(MIKEY) for key exchange.
9. Session Initiation Protocol (SIP)
SIP is an application-layer control (signalling)
protocol used for creating, modifying and
terminating sessions with one or more participants.
The most common applications of SIP are in Internet
telephony for voice and video calls, as well as instant
messaging over IP networks.
Session management provides the ability to control
the attributes of an end-to-end call
SIP is gaining more acceptance in the network
telephony market
10. Session Initiation Protocol
(SIP)
The main components of SIP-based systems are user
agents and servers:
User Agents (UAs), are combinations of User Agent
Clients (UAC) and User Agent Servers (UAS).
A UAC is responsible for initiating a call by sending a
URL addressed INVITE to the intended recipient
A UAS receives requests and sends back responses.
12. ROLES IN A BASIC VOIP MODEL
The VoIPSA aims to define the security threats against
VoIP deployments, services, and end users.
Internal Roles
1. Administrator. This role is responsible for
maintaining the VoIP network perimeter and
auditing the VoIP system in order to monitor user
activities.
2. Auditor. This role is responsible for performing audit
logs to verify the integrity of the VoIP system.
3. Operator is responsible of protecting the system
from being compromised, so that each voice call can be
accounted to the appropriate user.
13. ROLES IN A BASIC VOIP MODEL
External Roles
1. Remote subscriber are users such as employees who
occasionally work from home.
2. Law Enforcement Agent is a legal agent who
redirects duplicated media packets to law
enforcement, for the purpose of wiretapping.
14. ATTACKS AGAINST THE VOIP NETWORK
Attacks when making/receiving a VoIP Call
Theft of service is the ability of a malicious user to
place fraudulent calls. this attack. This against the
service provider.
Man-in-the-middle attacks or Call Interception, VoIP is
particularly vulnerable to man-in-the-middle attacks,
in which the attacker intercepts call-signalling SIP
message traffic and masquerades as the calling party
to the called party, or vice versa.
IP Spoofing, occurs when a hacker inside or outside a
network impersonates a trusted computer.
.
15. ATTACKS AGAINST THE VOIP NETWORK
Repudiation attacks can take place when two parties talk over the
phone and later on one party denies that the conversation occurred.
Call Hijacking or Redirect attacks could replace a voice mail address
with a hacker-specified IP address, opening a channel to the hacker.
Denial-of-service (DoS) attacks prevent legitimate users of a network
from accessing the features and services provided by the network.
Call tampering (Signal protocol tampering) Call tampering is an attack
which involves tampering a phone call in progress.
Attacks against Softphones occur because as they reside in the data
VLAN, they require open access to the voice VLAN in order to access
call control, place calls to IP phones, and leave voice messages.
16. ATTACKS AGAINST THE VOIP NETWORK
B. Registration attacks
Brute Force attacks are simply an attempt to try all
possible values when attempting to authenticate with a
system or crack the crypto key used to create cipher
text.
Reflection attacks are specifically aimed at SIP systems.
It may happen when using http digest authentication
(i.e. challenge-response with a shared secret) for both
request and response.
The IP Spoofing attacks described earlier can also be
classified as registration attacks.
17. CONCLUSION
VoIP has inherited a number of Internet vulnerabilities
exploited by malicious person which pose a latent
threat to network infrastructures.
To defeat VoIP security threats, a well-structured plan
needs to be devised. The plan should include voice
encryption, authentication, voice-specific firewalls, and
separation of data and voice traffic.
It is also important that the voice servers and the other
components of VoIP networks stay physically secure
from intruders.