Attack Patterns in VoIP

International journal of computer applications, 2018

As VoIP (Voice-over-IP) Services are becoming more popular, various types of attacks against them are increasing. SIP (Session Initiation Protocol) is the main protocol that is used in VoIP. SIP is subject to various types of attacks including DoS (Denial-of-Service) attack. This paper reports our experiment of simulating VoIP system using existing open source tools and technology. The simulated VoIP system is used to demonstrate a normal VoIP communication, launching DoS flooding attacks against SIP and implementing a successful Snort-based Intrusion Detection System (IDS) capable of catching suspicious SIP messages. Additionally, we propose a new VoIP architecture, which is based on buffering all incoming messages from clients with the intention of processing the messages in the buffer before they are forwarded to the destination.

Journal of Software, 2007

Voice over IP (VoIP) has had a strong effect on global communications by allowing human voice and fax information to travel over existing packet data networks along with traditional data packets. The convergence of voice and data in the same network brings both benefits and constraints to users. Among the several issues that need to be addressed when deploying this technology, security is one of the most critical. We give an overview of VoIP and provide UML models of some aspects of its infrastructure, including architectures and basic use cases. We present some security patterns that describe mechanisms that can control many of the possible attacks and which could be used to design secure systems.

2006

Design patterns capture software solutions to specific problems that have evolved over time and reflect many iterations of work. Documenting such patterns promotes proven design and software reuse. There has been a growing amount of work documenting design patterns for security, however, little work specific to VoIP security. In 2005 NIST released a report on recommendations and best practices for securing VoIP, however it lacks the structure, terminology, and ease-ofunderstanding needed for both technical and non-technical audiences that is an inherent feature of design patterns.

Journal of emerging technologies and innovative research, 2019

The number of users of VoIP services is increasingevery year. Consequently, VoIP systems get more attractive for attackers. This paper describes the implementation of a low interaction honeypot for monitoring illegal activities in VoIP environments. The honeypot operated during 92 days and collected 3502 events related to the SIP protocol. The analysis of the results allows understanding the modus operandi of the attacks targeted to VoIP infrastructures. These results may be used to improve defence mechanisms such as firewalls and intrusion detection systems.

Voice over Internet Protocol (VoIP) is one of the fastest growing technologies; it is receiving more attention from industries and general public due to its cost reduction and flexibility. However, the technology being deployed on IP data network is faced with a lot of security issues in its deployment. Common threats and attacks within VoIP network will be discussed in this paper. Also, some mitigation strategies that can be used in order to ensure security of VoIP network will be presented.

Voice over Internet Protocol (VoIP) is a new communication technology that uses internet protocol in providing phone services. VoIP provides various forms of benefits such as low monthly fee and cheaper rate in terms of long distance and international calls. However, VoIP is accompanied with novel security threats. Criminals often take advantages of such security threats and commit illicit activities. These activities require digital forensic experts to acquire, analyses, reconstruct and provide digital evidence. Meanwhile, there are various methodologies and models proposed in detecting, analysing and providing digital evidence in VoIP forensic. However, at the time of writing this paper, there is no model formalized for the reconstruction of VoIP malicious attacks. Reconstruction of attack scenario is an important technique in exposing the unknown criminal acts. Hence, this paper will strive in addressing that gap. We propose a model for reconstructing VoIP malicious attacks. To achieve that, a formal logic approach called Secure Temporal Logic of Action(S-TLA+) was adopted in rebuilding the attack scenario. The expected result of this model is to generate additional related evidences and their consistency with the existing evidences can be determined by means of S-TLA+ model checker.

West African Journal of Industrial & Academic Research Vol.14 No.1 June 2015, 2015

There is a fast pace of growth in the use of Voice over Internet Protocol (VoIP) networks owing to the fact that more organisations are deploying IP based voice networks. This invariably has a security concern for the payload as the traffic on IP based voice networks is exposed to threats similar to those found on regular data traffic. Realising end-to-end security has been influenced by numerous exploits targeted at VoIP networks with attendant lower rate of calls than the traditional telephone system. Although the requirements for security as well as accessibility for voice traffic are dissimilar as compared to data traffic, it is equivalently significant to protect this payload from attacks such as spoofing, eavesdropping and man-in-the-middle attacks. These security concerns, due to the flexibility of the VoIP system with corresponding convergence of the voice and data networks pose a plethora of threats to the confidentiality, integrity and availability of the services rendered on VoIP networks. In this paper, the various threats, vulnerabilities and attacks on VoIP networks as well as countermeasures for mitigation will be examined. Finally, the direction for future research work on robust solutions for attack mitigation will be highlighted.

In today's society, Voice services over Internet Protocol (VoIP) have become a real competitor to the traditional Public Switched Telephone Networks (PSTNs) and are much promoted by telecommunication and Internet service providers and Meanwhile, the Session Initial Protocol (SIP) is widely used as a signaling protocol based on HTTP-like request/response exchange to establish multimedia sessions in both wire line and wireless world. However, the original authentication scheme for SIP-based service typically uses HTTP Digest authentication protocol, which is not providing security at an acceptable level. Furthermore, the utilization of open networks, like the Internet, raises several security issues that must be taken into account. On top of that, there are new sophisticated attacks against VoIP infrastructures that enhance the vulnerabilities of the protocols employed for the establishment of a VoIP session. This paper provides a classification of potential attacks against VoIP services, specifically SIP service.

— As with any other technological advancement in use in today's age, security threats are proving to be the major challenges and risks. Knowledge about these security vulnerabilities presents an avenue of protecting organizational assets against virtual attacks. VoIP phone systems are becoming increasingly popular in today's society for business and personal purposes. VoIP services are increasingly productive and cheap, thereby, providing adopters a competitive edge. Voice over Internet Protocol (VoIP) is a widely deployed service since the commencement of voice and data integration. This was done in a bid to reduce cost and management concerns. VoIP uses the same infrastructure as traditional data networks and thus, inherits all the security challenges of a data network. In addition, VoIP exhibit self-inflected problems resulting from network components and the protocol adopted. This paper present the security threats witnessed in VoIP telecommunication. First, the paper explores a brief overview of VoIP techniques including network components, structure, standards and protocols, data processing techniques and quality of service. Second, the paper discusses the security threats in tandem with confidentiality, integrity and availability principle. Examples of security issues under consideration include; spamming, identity spoofing, call tempering, DoS, and Man-in-the-middle attacks among others. Finally, the paper will outline the common countermeasures adopted to mitigate the threats.

Citeseer