SlideShare a Scribd company logo

Threats In Vo Ip

Download as DOC, PDF
G
guest209a2c
TechnologyBusiness
1 of 2
Threats in VoIP In August 2006, S. Niccolini submitted a draft to the IETF outlining a taxonomy for VoIP threats. Earlier, the VOIPSA had created an enormous classification for VoIP threats and attacks, but that was quot;too completequot; for practical VoIP security analysis. Although one can argue that any element including the supporting components or protocols in a VoIP deployment can introduce vulnerabilities, it is difficult to foresee every possible future attack and protect every VoIP deployment. Therefore, focusing the analysis on the VoIP application layer is a logical continuation from the existing foundation of best practices and procedures to secure a network. On the other hand, the threats listed in the IETF quot;VoIP Security Threatsquot; draft are threats that should be considered in the protocol design. The first version of the IETF draft listed the following threat categories: • Interception and modification threats • Interruption-of-service threats • Abuse-of-service threats • Social threats 4. For example, only voice needs to be supported in PSTN, whereas in packet-based networks there is voice, video, and data. 5. An IETF draft is a document submitted for review. After it has been reviewed thoroughly by the IETF members, it will later receive an RFC status. 6. Voice over IP Security Alliance (VOIPSA). www.voipsa.org/ 7. S. Niccolini. 2006. VoIP Security Threats. http://tools.ietf.org/id/draft-niccolini-speermint-voipthreats-00.txt There are many different categorizations and taxonomies, and different classifications have different purposes. The VOIPSA takes a very detailed look at threats, to give as much information as possible, which might be overwhelming for some organizations. Nevertheless, it is an important contribution that helps us understand the associated threats. The IETF threat classification categorizes threats based on how the protocol specifications can be improved to minimize the impact of an attack and therefore does not consider issues associated with the supporting infrastructure, such as operating system platforms and network configuration. In this book, we build on and extend the threat taxonomies to distinguish certain attacks that overlap and include attacks that are not specific to the protocol design. Threats associated with VoIP are narrowed into the following categories: • Service disruption and annoyance—The attempt to disrupt the VoIP service, including management, provisioning, access, and operations. Attacks in this category can affect any network element that supports the VoIP service, including routers, DNS servers, SIP proxies, session border controllers, and so on. Such attacks can be initiated either remotely, without having direct access to the target network elements and manipulating the VoIP protocols, or locally, by issuing disruptive instructions or commends. An attacker can target an edge device (for example, a VoIP phone), a core network component, or a collection of components such as SIP proxies that may impact a community of users. This category also includes annoyance attacks such as SPIT (spam through Internet telephony). • Eavesdropping and traffic analysis—The attempt to collect sensitive information to prepare for an attack or gain intelligence. In VoIP (or, generally, Internet multimedia applications), this means that the attacker has the ability to monitor unprotected signaling or media streams that are exchanged between users. This category includes traffic analysis and can be passive or active (that is, collect, store, and analyze or real-time decoding/translation of media packets). The attack aims to extract verbal or textual (for example, credit card number or pin) content from a conversation or analyze communications between parties to establish communication patterns, which can later be used to support other attacks. • Masquerading and impersonation—The ability to impersonate a user, device, or service to gain access to a network, service, network element, or information. This is a distinct category because masquerading attacks can be used to commit fraud, unauthorized access to information, and even service disruption. A special case of a masquerading threat is impersonation, where the attacker can pretend or take over someone's identity in the service. In this category, targets include users, devices, and network elements and can be realized by manipulating the signaling or media streams remotely or through unauthorized access to VoIP components (for example, signaling gateways, the SIP registrar, or DNS servers). For
example, if a telecommunications provider is using only caller ID information to authenticate subscribers to their voice mailboxes, it is possible for an attacker to spoof caller ID information to gain access to a user's voice mailbox. Masquerading attacks in VoIP networks can also be realized by manipulating the underlying protocols that provide support for VoIP (such as ARP, IP, and DNS). • Unauthorized access—The ability to access a service, functionality, or network element without proper authorization. Attacks in this category can be used to support other attacks— including service disruption, eavesdropping, masquerading, and fraud—because the attacker has control of a device, resource, or access to a network. The difference between masquerading and unauthorized access is that the attacker does not need to impersonate another user or network element, but rather can gain direct access using a vulnerability such as a buffer overflow, default configuration, and poor signaling or network access controls. For example, an attacker that has administrative access on a SIP proxy can disrupt VoIP signaling by erasing the operating system's file system, and thus cripple the host and service. Another example is where an attacker has access to a media gateway and installs malicious software to collect media packets and ultimately perform passive eavesdropping on subscriber communications. Unauthorized access can be correlated with threats such as eavesdropping, masquerading, and fraud. • Fraud—The ability to abuse VoIP services for personal or monetary gain. This category of attacks is one of the most critical for telecommunication carriers and providers, along with service continuity and availability. Fraud can be realized by manipulating the signaling messages or the configuration of VoIP components, including the billing systems. Some fraud scenarios feasible in current VoIP implementations can be performed by manipulating the signaling flows of a call. It is expected that more sophisticated fraud techniques will surface as VoIP becomes mainstream. These categories provide a succinct structure in which current and new attacks can be categorized. For example, an attack against the authentication mechanism used by a signaling protocol can be categorized under unauthorized access if the attack allows access to information but does not have financial impact on the organization, or it can be categorized as fraud if it has a financial impact (or overlap in both if necessary).

Recommended

Case study about voip
Case study about voipCase study about voip
Case study about voipelmudthir
 
Securing VoIP Networks
Securing VoIP NetworksSecuring VoIP Networks
Securing VoIP NetworksGENBANDcorporate
 
Ch20 book
Ch20 bookCh20 book
Ch20 bookamitnitttr
 
Telecom Security
Telecom SecurityTelecom Security
Telecom SecurityPriyanka Aash
 
6 Steps to SIP trunking security
6 Steps to SIP trunking security6 Steps to SIP trunking security
6 Steps to SIP trunking securityFlowroute
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
Network security by sandhya
Network security by sandhyaNetwork security by sandhya
Network security by sandhyasandeepsandy75
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesElsa Cariello
 

Recommended

Case study about voip
Case study about voipCase study about voip
Case study about voipelmudthir
 
Securing VoIP Networks
Securing VoIP NetworksSecuring VoIP Networks
Securing VoIP NetworksGENBANDcorporate
 
Ch20 book
Ch20 bookCh20 book
Ch20 bookamitnitttr
 
Telecom Security
Telecom SecurityTelecom Security
Telecom SecurityPriyanka Aash
 
6 Steps to SIP trunking security
6 Steps to SIP trunking security6 Steps to SIP trunking security
6 Steps to SIP trunking securityFlowroute
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
Network security by sandhya
Network security by sandhyaNetwork security by sandhya
Network security by sandhyasandeepsandy75
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesElsa Cariello
 
VoIp Security Services Technical Description Cyber51
VoIp Security Services Technical Description Cyber51VoIp Security Services Technical Description Cyber51
VoIp Security Services Technical Description Cyber51martinvoelk
 
Mobile slide
Mobile slideMobile slide
Mobile slideAman singh
 
A Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentA Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentAM Publications,India
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)military
 
End end-security
End end-securityEnd end-security
End end-securityPatatino Melis
 
Computer security 7.pptx
Computer security 7.pptxComputer security 7.pptx
Computer security 7.pptxKhappiyo
 
Cybersecurity Goes Mainstream
Cybersecurity Goes MainstreamCybersecurity Goes Mainstream
Cybersecurity Goes MainstreamRob Marson
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版Ploynatcha Akkaraputtipat
 
Network security
Network security Network security
Network securityVikas Jagtap
 
Another proposal
Another proposalAnother proposal
Another proposalKing Portipher
 
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...SSH Communications Security
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Positive approach to security of Core networks
Positive approach to security of Core networksPositive approach to security of Core networks
Positive approach to security of Core networksPositiveTechnologies
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network securityAnkit Anand
 
Modern Lessons in Security Monitoring
Modern Lessons in Security MonitoringModern Lessons in Security Monitoring
Modern Lessons in Security MonitoringAnton Goncharov
 
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...IJNSA Journal
 
Internet Security Agent
Internet Security AgentInternet Security Agent
Internet Security AgentInternational Journal of Engineering Inventions www.ijeijournal.com
 
T04506110115
T04506110115T04506110115
T04506110115IJERA Editor
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1JeevananthamArumugam
 
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IJNSA Journal
 
Efeseni 4.7-10 Daruiti
Efeseni 4.7-10 DaruitiEfeseni 4.7-10 Daruiti
Efeseni 4.7-10 DaruitiFlorin Enescu
 
2122
21222122
2122michellymoreno
 

More Related Content

What's hot

VoIp Security Services Technical Description Cyber51
VoIp Security Services Technical Description Cyber51VoIp Security Services Technical Description Cyber51
VoIp Security Services Technical Description Cyber51martinvoelk
 
A Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentA Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentAM Publications,India
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)military
 
Computer security 7.pptx
Computer security 7.pptxComputer security 7.pptx
Computer security 7.pptxKhappiyo
 
Cybersecurity Goes Mainstream
Cybersecurity Goes MainstreamCybersecurity Goes Mainstream
Cybersecurity Goes MainstreamRob Marson
 
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...SSH Communications Security
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Positive approach to security of Core networks
Positive approach to security of Core networksPositive approach to security of Core networks
Positive approach to security of Core networksPositiveTechnologies
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network securityAnkit Anand
 
Modern Lessons in Security Monitoring
Modern Lessons in Security MonitoringModern Lessons in Security Monitoring
Modern Lessons in Security MonitoringAnton Goncharov
 
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...IJNSA Journal
 
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IJNSA Journal
 

What's hot (20)

VoIp Security Services Technical Description Cyber51
VoIp Security Services Technical Description Cyber51VoIp Security Services Technical Description Cyber51
VoIp Security Services Technical Description Cyber51
 
Mobile slide
Mobile slideMobile slide
Mobile slide
 
A Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile EnvironmentA Survey of Key Management Framework for Wireless Mobile Environment
A Survey of Key Management Framework for Wireless Mobile Environment
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)
 
End end-security
End end-securityEnd end-security
End end-security
 
Computer security 7.pptx
Computer security 7.pptxComputer security 7.pptx
Computer security 7.pptx
 
Cybersecurity Goes Mainstream
Cybersecurity Goes MainstreamCybersecurity Goes Mainstream
Cybersecurity Goes Mainstream
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版
 
Network security
Network security Network security
Network security
 
Another proposal
Another proposalAnother proposal
Another proposal
 
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...
Advanced Privileged Identity Management: Moving Beyond the Gateway Approach t...
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
 
Positive approach to security of Core networks
Positive approach to security of Core networksPositive approach to security of Core networks
Positive approach to security of Core networks
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network security
 
Modern Lessons in Security Monitoring
Modern Lessons in Security MonitoringModern Lessons in Security Monitoring
Modern Lessons in Security Monitoring
 
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...
ENHANCE RFID SECURITY AGAINST BRUTE FORCE ATTACK BASED ON PASSWORD STRENGTH A...
 
Internet Security Agent
Internet Security AgentInternet Security Agent
Internet Security Agent
 
T04506110115
T04506110115T04506110115
T04506110115
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1
 
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Ho...
 

Viewers also liked

Efeseni 4.7-10 Daruiti
Efeseni 4.7-10 DaruitiEfeseni 4.7-10 Daruiti
Efeseni 4.7-10 DaruitiFlorin Enescu
 
GeroPsych General Flyer
GeroPsych General FlyerGeroPsych General Flyer
GeroPsych General Flyernatehowell21
 
Efeseni 5.8 14 Copii ai luminii
Efeseni 5.8 14 Copii ai luminiiEfeseni 5.8 14 Copii ai luminii
Efeseni 5.8 14 Copii ai luminiiFlorin Enescu
 
Cuadro del DISEÑO CURRICULAR
Cuadro del DISEÑO CURRICULARCuadro del DISEÑO CURRICULAR
Cuadro del DISEÑO CURRICULARcarmenburbano
 
New Microsoft Power Point Presentation
New Microsoft Power Point PresentationNew Microsoft Power Point Presentation
New Microsoft Power Point PresentationArsh Singh
 
Cunoscandu_L pe Dumnezeu
Cunoscandu_L pe DumnezeuCunoscandu_L pe Dumnezeu
Cunoscandu_L pe DumnezeuFlorin Enescu
 
Hospital Da Estefania
Hospital Da EstefaniaHospital Da Estefania
Hospital Da EstefaniaVera Raposo
 
Learning from the past
Learning from the pastLearning from the past
Learning from the pastaaronfuhrman
 

Viewers also liked (11)

Efeseni 4.7-10 Daruiti
Efeseni 4.7-10 DaruitiEfeseni 4.7-10 Daruiti
Efeseni 4.7-10 Daruiti
 
2122
21222122
2122
 
GeroPsych General Flyer
GeroPsych General FlyerGeroPsych General Flyer
GeroPsych General Flyer
 
Efeseni 5.8 14 Copii ai luminii
Efeseni 5.8 14 Copii ai luminiiEfeseni 5.8 14 Copii ai luminii
Efeseni 5.8 14 Copii ai luminii
 
Cuadro del DISEÑO CURRICULAR
Cuadro del DISEÑO CURRICULARCuadro del DISEÑO CURRICULAR
Cuadro del DISEÑO CURRICULAR
 
Koller Master Editions, CHISHOLM GALLERY, LLC
Koller Master Editions, CHISHOLM GALLERY, LLCKoller Master Editions, CHISHOLM GALLERY, LLC
Koller Master Editions, CHISHOLM GALLERY, LLC
 
New Microsoft Power Point Presentation
New Microsoft Power Point PresentationNew Microsoft Power Point Presentation
New Microsoft Power Point Presentation
 
Cunoscandu_L pe Dumnezeu
Cunoscandu_L pe DumnezeuCunoscandu_L pe Dumnezeu
Cunoscandu_L pe Dumnezeu
 
Hospital Da Estefania
Hospital Da EstefaniaHospital Da Estefania
Hospital Da Estefania
 
22653
2265322653
22653
 
Learning from the past
Learning from the pastLearning from the past
Learning from the past
 

Similar to Threats In Vo Ip

Voice over IP (VOIP) Security Research- A Research
Voice over IP (VOIP) Security Research- A ResearchVoice over IP (VOIP) Security Research- A Research
Voice over IP (VOIP) Security Research- A ResearchIJMER
 
76 s201919
76 s20191976 s201919
76 s201919IJRAT
 
Maheen.Mehnaz 071618056
Maheen.Mehnaz 071618056Maheen.Mehnaz 071618056
Maheen.Mehnaz 071618056mashiur
 
1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...Alexander Decker
 
An approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxAn approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxamalouwarda1
 
Abdullah Al Mamun 062507056
Abdullah Al Mamun 062507056Abdullah Al Mamun 062507056
Abdullah Al Mamun 062507056mashiur
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxronak56
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxdaniahendric
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxmakdul
 
Survey of apt and other attacks with reliable security schemes in manet
Survey of apt and other attacks with reliable security schemes in manetSurvey of apt and other attacks with reliable security schemes in manet
Survey of apt and other attacks with reliable security schemes in manetijctet
 
Askozia VoIP Security white paper - 2017, English
Askozia VoIP Security white paper - 2017, EnglishAskozia VoIP Security white paper - 2017, English
Askozia VoIP Security white paper - 2017, EnglishAskozia
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
 
Analysis of VoIP Forensics with Digital Evidence Procedure
Analysis of VoIP Forensics with Digital Evidence ProcedureAnalysis of VoIP Forensics with Digital Evidence Procedure
Analysis of VoIP Forensics with Digital Evidence Procedureijsrd.com
 
Ethical hacking-guide-infosec
Ethical hacking-guide-infosecEthical hacking-guide-infosec
Ethical hacking-guide-infosecCMR WORLD TECH
 
Ethical hacking-guide-infosec
Ethical hacking-guide-infosecEthical hacking-guide-infosec
Ethical hacking-guide-infosecErfan Mallick
 
Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...SyvilMaeTapinit
 

Similar to Threats In Vo Ip (20)

Voice over IP (VOIP) Security Research- A Research
Voice over IP (VOIP) Security Research- A ResearchVoice over IP (VOIP) Security Research- A Research
Voice over IP (VOIP) Security Research- A Research
 
76 s201919
76 s20191976 s201919
76 s201919
 
Maheen.Mehnaz 071618056
Maheen.Mehnaz 071618056Maheen.Mehnaz 071618056
Maheen.Mehnaz 071618056
 
1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...
 
Voice over IP
Voice over IPVoice over IP
Voice over IP
 
An approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxAn approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptx
 
Abdullah Al Mamun 062507056
Abdullah Al Mamun 062507056Abdullah Al Mamun 062507056
Abdullah Al Mamun 062507056
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
 
Survey of apt and other attacks with reliable security schemes in manet
Survey of apt and other attacks with reliable security schemes in manetSurvey of apt and other attacks with reliable security schemes in manet
Survey of apt and other attacks with reliable security schemes in manet
 
Askozia VoIP Security white paper - 2017, English
Askozia VoIP Security white paper - 2017, EnglishAskozia VoIP Security white paper - 2017, English
Askozia VoIP Security white paper - 2017, English
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
 
VoIP Threat and Security - I
VoIP Threat and Security - IVoIP Threat and Security - I
VoIP Threat and Security - I
 
Analysis of VoIP Forensics with Digital Evidence Procedure
Analysis of VoIP Forensics with Digital Evidence ProcedureAnalysis of VoIP Forensics with Digital Evidence Procedure
Analysis of VoIP Forensics with Digital Evidence Procedure
 
Mim Attack Essay
Mim Attack EssayMim Attack Essay
Mim Attack Essay
 
V3I6-0108
V3I6-0108V3I6-0108
V3I6-0108
 
Ethical hacking-guide-infosec
Ethical hacking-guide-infosecEthical hacking-guide-infosec
Ethical hacking-guide-infosec
 
Ethical hacking-guide-infosec
Ethical hacking-guide-infosecEthical hacking-guide-infosec
Ethical hacking-guide-infosec
 
Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...
 

Recently uploaded

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 

Recently uploaded (20)

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 

Threats In Vo Ip

  • 1. Threats in VoIP In August 2006, S. Niccolini submitted a draft to the IETF outlining a taxonomy for VoIP threats. Earlier, the VOIPSA had created an enormous classification for VoIP threats and attacks, but that was quot;too completequot; for practical VoIP security analysis. Although one can argue that any element including the supporting components or protocols in a VoIP deployment can introduce vulnerabilities, it is difficult to foresee every possible future attack and protect every VoIP deployment. Therefore, focusing the analysis on the VoIP application layer is a logical continuation from the existing foundation of best practices and procedures to secure a network. On the other hand, the threats listed in the IETF quot;VoIP Security Threatsquot; draft are threats that should be considered in the protocol design. The first version of the IETF draft listed the following threat categories: • Interception and modification threats • Interruption-of-service threats • Abuse-of-service threats • Social threats 4. For example, only voice needs to be supported in PSTN, whereas in packet-based networks there is voice, video, and data. 5. An IETF draft is a document submitted for review. After it has been reviewed thoroughly by the IETF members, it will later receive an RFC status. 6. Voice over IP Security Alliance (VOIPSA). www.voipsa.org/ 7. S. Niccolini. 2006. VoIP Security Threats. http://tools.ietf.org/id/draft-niccolini-speermint-voipthreats-00.txt There are many different categorizations and taxonomies, and different classifications have different purposes. The VOIPSA takes a very detailed look at threats, to give as much information as possible, which might be overwhelming for some organizations. Nevertheless, it is an important contribution that helps us understand the associated threats. The IETF threat classification categorizes threats based on how the protocol specifications can be improved to minimize the impact of an attack and therefore does not consider issues associated with the supporting infrastructure, such as operating system platforms and network configuration. In this book, we build on and extend the threat taxonomies to distinguish certain attacks that overlap and include attacks that are not specific to the protocol design. Threats associated with VoIP are narrowed into the following categories: • Service disruption and annoyance—The attempt to disrupt the VoIP service, including management, provisioning, access, and operations. Attacks in this category can affect any network element that supports the VoIP service, including routers, DNS servers, SIP proxies, session border controllers, and so on. Such attacks can be initiated either remotely, without having direct access to the target network elements and manipulating the VoIP protocols, or locally, by issuing disruptive instructions or commends. An attacker can target an edge device (for example, a VoIP phone), a core network component, or a collection of components such as SIP proxies that may impact a community of users. This category also includes annoyance attacks such as SPIT (spam through Internet telephony). • Eavesdropping and traffic analysis—The attempt to collect sensitive information to prepare for an attack or gain intelligence. In VoIP (or, generally, Internet multimedia applications), this means that the attacker has the ability to monitor unprotected signaling or media streams that are exchanged between users. This category includes traffic analysis and can be passive or active (that is, collect, store, and analyze or real-time decoding/translation of media packets). The attack aims to extract verbal or textual (for example, credit card number or pin) content from a conversation or analyze communications between parties to establish communication patterns, which can later be used to support other attacks. • Masquerading and impersonation—The ability to impersonate a user, device, or service to gain access to a network, service, network element, or information. This is a distinct category because masquerading attacks can be used to commit fraud, unauthorized access to information, and even service disruption. A special case of a masquerading threat is impersonation, where the attacker can pretend or take over someone's identity in the service. In this category, targets include users, devices, and network elements and can be realized by manipulating the signaling or media streams remotely or through unauthorized access to VoIP components (for example, signaling gateways, the SIP registrar, or DNS servers). For
  • 2. example, if a telecommunications provider is using only caller ID information to authenticate subscribers to their voice mailboxes, it is possible for an attacker to spoof caller ID information to gain access to a user's voice mailbox. Masquerading attacks in VoIP networks can also be realized by manipulating the underlying protocols that provide support for VoIP (such as ARP, IP, and DNS). • Unauthorized access—The ability to access a service, functionality, or network element without proper authorization. Attacks in this category can be used to support other attacks— including service disruption, eavesdropping, masquerading, and fraud—because the attacker has control of a device, resource, or access to a network. The difference between masquerading and unauthorized access is that the attacker does not need to impersonate another user or network element, but rather can gain direct access using a vulnerability such as a buffer overflow, default configuration, and poor signaling or network access controls. For example, an attacker that has administrative access on a SIP proxy can disrupt VoIP signaling by erasing the operating system's file system, and thus cripple the host and service. Another example is where an attacker has access to a media gateway and installs malicious software to collect media packets and ultimately perform passive eavesdropping on subscriber communications. Unauthorized access can be correlated with threats such as eavesdropping, masquerading, and fraud. • Fraud—The ability to abuse VoIP services for personal or monetary gain. This category of attacks is one of the most critical for telecommunication carriers and providers, along with service continuity and availability. Fraud can be realized by manipulating the signaling messages or the configuration of VoIP components, including the billing systems. Some fraud scenarios feasible in current VoIP implementations can be performed by manipulating the signaling flows of a call. It is expected that more sophisticated fraud techniques will surface as VoIP becomes mainstream. These categories provide a succinct structure in which current and new attacks can be categorized. For example, an attack against the authentication mechanism used by a signaling protocol can be categorized under unauthorized access if the attack allows access to information but does not have financial impact on the organization, or it can be categorized as fraud if it has a financial impact (or overlap in both if necessary).