A short introduction to VOIP

1. (VOIP) VOICE NETWORK TECHNOLOGY SECURITY & STRATEGIES
 Presented by: Pankaj Karande
 Class: TE (A)
 Roll no: 3351
Guide:
Prof. M.P. Mali

2. TOPICS TO BE COVERED:
 What is VOIP ?
 How Does VOIP Work?
 Security Concerns & Security Measures.
 Pros & Cons.
 Conclusion.
 References.

3. WHAT IS VOIP?
• VOIP, also known as IP telephony, is the real-time
transmission of voice signals using the Internet Protocol
(IP) over the public Internet or a private data network.
• VOIP allows users to make telephone calls using a
broadband Internet connection instead of an analog phone
line.

4. WORKING OF VOIP:
Fig(1): Voice processing in VOIP network.
The VOIP data processing consists of the following steps:
1) Signaling
2) Encoding
3)Transport

5. SECURITY CONCERNS & SECURITY MEASURES..
1) (DoS) Denial of Service attack:
There are two types:
1) Flood Service Attack.
2) Crash Service Attack.
Fig (2): VOIP specific Dos attack.

6. Counter Measure for (DoS):
 To mitigate the Dos attack, strong
authentication is a key.
 VOIP components should make sure that
they are communicating with legitimate.
 VOIP firewall should be enabled.

7. SECURITY CONCERNS & SECURITY MEASURES..
2) Eavesdropping:
Eavesdropping in which the attacker
makes independent connections with
the
victims and relays messages between
them, making them believe that they
are
talking directly to each other over a
private connection, when in fact the
entire conversation is controlled by the
attacker.

8. Counter Measures for Eavesdropping:
 Encryption of voice packet in the network
should be there to protect against
Eavesdropping.
 If web-based interfaced is made, use of
HTTPS is recommended instead of HTTP.

9. SECURITY CONCERNS & SECURITY MEASURES..
4) Vishing:
 Vishing is another word of VOIP Phishing. The term is combination of
“voice” and “phishing”.
 Vishing is typically used to steal credit card numbers or other information
from the people.

10. 5) (SPITP) Spamming Over Internet
Telephony:
• Spamming is actually sending emails to people against their
will.
• Spam messages can carry viruses and spyware along with
them.

11. PROS..
• The main advantage of VOIP is that PC-to-PC,
calls are free no matter the distance and PC-to-
Phone are nominal.
• For monthly fee you may make unlimited calls
within a geographical area.
• It enables to make calls from anywhere as long as
the a broadband connection is available.

12. CONS..
• VOIP is susceptible to worms, viruses and hacking,
although this is very rare and VOIP developers are
working on VOIP encryption to counter this.
• With VOIP emergency calls, it is hard to locate you
and send help in time.
• Without power VOIP phones are useless, so in
case of emergencies during power cuts it can be a
major disadvantage.

13. CONCLUSION
In VOIP, threats such as DoS (Denial of Service) attack, Eavesdropping,
Vishing, these all above are the common threat which are risky & which
disturbs the VoIP technology in large amount. Due to this there are chances
of leakage of confidential messages which complicates the security
assurance. So to reduce this threat various Security Strategies are applied
various adoption of Security mechanism is carried out such as
Authentication, Encryption and Firewall measures are taken which will not
hamper VoIP technology. “Defense in depth” is a good principle in
defending VOIP.

14. REFERENCE
Websites:
• http://en.wikipedia.org/wiki/VOIP
• http://www.VOIP-info.org/wiki/
• http://computer.howstuffworks.com/ip-telephony5.htm
Papers:
• Yan Zhang, Huimin Huang, Computer Information Institute, ”VOIP Voice Network
Technology Security Strategies”, 978-1-4577-0536-6/11/$26.00 ©2011 IEEE
• David Butcher, Xiangyang Li, and Jinhua Guo, Computer Information Institute,
“Security Challenge And Defense in VOIP Infrastructure”, 1094-6977/$25.00 ©
2007 IEEE