Abstract
Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over
high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness
Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University, Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection, VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to
each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resourc ...
1, prevalent network threats and telecommunication security challenges and co...Alexander Decker
1) The document discusses security challenges and threats in VoIP networks, including eavesdropping, toll fraud, denial of service attacks, spam over internet telephony, and pharming attacks.
2) It proposes several defense measures to prevent these threats, such as intrusion detection systems, filtering techniques to resist spam, and load balancing algorithms to mitigate flash crowd attacks.
3) The vulnerabilities of VoIP networks arise because they use the open Internet for transmission, leaving them exposed to the security issues that exist on IP-based networks.
This document discusses a fraud monitoring system for voice over internet protocol (VoIP) telephony. It begins with an introduction to VoIP and defines fraud. It then discusses the history of VoIP and how VoIP connections work. Key points discussed include quality of service requirements, protocols used in VoIP like SIP and H.323, and security challenges like dynamic addressing and firewalls. The document examines how a fraud management system could address these security issues to help secure VoIP networks.
THE GOOD SEED DROP-IN, Website - (goodseedcdc.org) MISSION.docxrtodd33
The Good Seed Drop-In center provides supportive housing, job training, comprehensive services, and individualized planning to help homeless youth ages 18-25 in California live and thrive. They serve populations experiencing homelessness, mental health issues, and substance abuse issues. Their programs include supportive housing, emergency shelters, job training, and homeless outreach. Their mission is to ensure youth have the tools to achieve their goals and live meaningful lives.
This document discusses implementing Voice over IP (VoIP) and IP Multimedia Subsystem services over WiMAX wireless networks. It addresses introducing VoIP and multimedia transmission over wireless, using soft switching for compatibility with WiMAX. It also discusses challenges like ensuring voice quality, security, and E911 support. Finally, it explores services like video on demand that WiMAX networks can provide using IP Media Subsystem technologies.
Voice over IP (VOIP) Security Research- A ResearchIJMER
This document summarizes research on Voice over IP (VoIP) security. It begins with an overview of SIP (Session Initiation Protocol), a commonly used VoIP standard, and a taxonomy of VoIP security threats. It then surveys existing research on VoIP security classified according to the threat categories. The research covers threats like eavesdropping, denial of service attacks, toll fraud, and spam over IP telephony (SPIT). Approaches studied include encryption, authentication, reputation systems, audio fingerprinting, and Turing tests to detect automated SPIT callers. The goal is to identify gaps and guide future work on analyzing VoIP attackers and improving the security and resilience of VoIP systems.
The document discusses how multi-service business gateways can secure enterprise VoIP networks by addressing various security threats. It outlines four categories of security threats to VoIP systems: network level threats, media threats, communication session threats, and application level threats. It then provides examples of network level threats like denial of service attacks and solutions like firewalls and VPNs. It also discusses securing RTP media by encrypting payloads and verifying integrity through hashing. Finally, it outlines how session border controllers within the business gateways can help secure communication sessions by preventing man-in-the-middle attacks and unauthorized session attempts through measures like encryption, access control lists, infrastructure hiding, and monitoring.
The document discusses the course ECE 6570 Telecomm Security Protocols. It defines telecommunications, protocols, and security. It outlines the schedule and topics to be covered in the course, including telecommunications, protocols, and security over three sections. It also describes the grading breakdown and homework assignments.
1, prevalent network threats and telecommunication security challenges and co...Alexander Decker
1) The document discusses security challenges and threats in VoIP networks, including eavesdropping, toll fraud, denial of service attacks, spam over internet telephony, and pharming attacks.
2) It proposes several defense measures to prevent these threats, such as intrusion detection systems, filtering techniques to resist spam, and load balancing algorithms to mitigate flash crowd attacks.
3) The vulnerabilities of VoIP networks arise because they use the open Internet for transmission, leaving them exposed to the security issues that exist on IP-based networks.
This document discusses a fraud monitoring system for voice over internet protocol (VoIP) telephony. It begins with an introduction to VoIP and defines fraud. It then discusses the history of VoIP and how VoIP connections work. Key points discussed include quality of service requirements, protocols used in VoIP like SIP and H.323, and security challenges like dynamic addressing and firewalls. The document examines how a fraud management system could address these security issues to help secure VoIP networks.
THE GOOD SEED DROP-IN, Website - (goodseedcdc.org) MISSION.docxrtodd33
The Good Seed Drop-In center provides supportive housing, job training, comprehensive services, and individualized planning to help homeless youth ages 18-25 in California live and thrive. They serve populations experiencing homelessness, mental health issues, and substance abuse issues. Their programs include supportive housing, emergency shelters, job training, and homeless outreach. Their mission is to ensure youth have the tools to achieve their goals and live meaningful lives.
This document discusses implementing Voice over IP (VoIP) and IP Multimedia Subsystem services over WiMAX wireless networks. It addresses introducing VoIP and multimedia transmission over wireless, using soft switching for compatibility with WiMAX. It also discusses challenges like ensuring voice quality, security, and E911 support. Finally, it explores services like video on demand that WiMAX networks can provide using IP Media Subsystem technologies.
Voice over IP (VOIP) Security Research- A ResearchIJMER
This document summarizes research on Voice over IP (VoIP) security. It begins with an overview of SIP (Session Initiation Protocol), a commonly used VoIP standard, and a taxonomy of VoIP security threats. It then surveys existing research on VoIP security classified according to the threat categories. The research covers threats like eavesdropping, denial of service attacks, toll fraud, and spam over IP telephony (SPIT). Approaches studied include encryption, authentication, reputation systems, audio fingerprinting, and Turing tests to detect automated SPIT callers. The goal is to identify gaps and guide future work on analyzing VoIP attackers and improving the security and resilience of VoIP systems.
The document discusses how multi-service business gateways can secure enterprise VoIP networks by addressing various security threats. It outlines four categories of security threats to VoIP systems: network level threats, media threats, communication session threats, and application level threats. It then provides examples of network level threats like denial of service attacks and solutions like firewalls and VPNs. It also discusses securing RTP media by encrypting payloads and verifying integrity through hashing. Finally, it outlines how session border controllers within the business gateways can help secure communication sessions by preventing man-in-the-middle attacks and unauthorized session attempts through measures like encryption, access control lists, infrastructure hiding, and monitoring.
The document discusses the course ECE 6570 Telecomm Security Protocols. It defines telecommunications, protocols, and security. It outlines the schedule and topics to be covered in the course, including telecommunications, protocols, and security over three sections. It also describes the grading breakdown and homework assignments.
A Presentation by:
REMMY NWEKE, 2016 Fellow, Cyber Security Policy Defender
Secretary, Cyber Security Experts Association of Nigeria (CSEAN)
Lagos Branch
To mark the Cyber Security Awareness Campaign,
October 2016
The document provides an overview of Voice over IP (VoIP) including its benefits and requirements. VoIP allows phone calls to be made over an IP network like the internet rather than the traditional public switched telephone network. It provides benefits like reduced costs and integrated services. However, deploying VoIP requires addressing requirements around services, quality of service, security, billing and network interconnection to provide equivalence to the PSTN. The document also discusses protocols used for VoIP like OSI and layers of the OSI model.
IRJET- Security Analysis and Improvements to IoT Communication Protocols ...IRJET Journal
This document discusses security issues with the Constrained Application Protocol (CoAP) which is commonly used for Internet of Things (IoT) communication. It first provides background on CoAP, including its architecture and use of Datagram Transport Layer Security (DTLS) for security. However, the document notes that while DTLS provides some security, it is not fully sufficient to protect data at large volumes. The document then reviews literature on security issues at different layers of IoT systems, such as perception, physical, and network layers. Specific attacks discussed include jamming, node tampering, man-in-the-middle, denial of service, and eavesdropping. The aim of the paper is to analyze CoAP security
The transport layer is responsible for host-to-host communication and provides services like reliable data transfer, flow control, and multiplexing. Common transport layer protocols include TCP and UDP, which provide connection-oriented and connectionless services respectively, and help applications exchange data over network layers. The transport layer sits above the network layer and below the application layer in network stacks.
This document provides an overview of security issues in WiMAX networks and proposes solutions. It discusses three main security goals in wireless networks: confidentiality, integrity, and authentication. It then describes WiMAX security architecture, including data link layer security with encryption sublayers, and protocol layer security schemes like RSA authentication and EAP authentication. Potential threats to WiMAX security are outlined, such as rogue base stations, DoS attacks, man-in-the-middle attacks, and threats in the physical layer like blocking and rushing. Finally, conclusions are drawn about precautions taken in WiMAX compared to earlier wireless standards.
This document discusses challenges facing corporate IT customer service, using Equity Bank as an example. It identifies customer satisfaction as a major problem, as customers often feel their needs are not properly addressed. The author proposes improving customer care by understanding customer needs and addressing them promptly. A project plan is outlined to intervene, with the goal of benefiting customers long-term. Key execution steps include understanding customers, empowering agents with real-time information, and focusing on consistent agent experiences through business process management.
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Dr. Amarjeet Singh
The growing volume of attacks on the Internet has
increased the demand for more robust systems and
sophisticated tools for vulnerability analysis, intrusion
detection, forensic investigations, and possible responses.
Current hacker tools and technologies warrant reengineering
to address cyber crime and homeland security. The being
aware of the flaws on a network is necessary to secure the
information infrastructure by gathering network topology,
intelligence, internal/external vulnerability analysis, and
penetration testing. This paper has as main objective to
minimize damages and preventing the attackers from
exploiting weaknesses and vulnerabilities in the 4 ways
handshake (WIFI).
We equally present a detail study on various attacks and
some solutions to avoid or prevent such attacks in WLAN.
This document discusses security issues related to Voice over Internet Protocol (VoIP). It begins by explaining what VoIP is and some of its early implementations. It then describes the basic protocols and protocol stacks used for VoIP signaling and sessions, including H.323, SIP, and RTP. The document outlines various roles in VoIP systems, such as administrators and operators. It identifies common attacks against VoIP networks like theft of service, man-in-the-middle attacks, IP spoofing, and denial-of-service attacks. It concludes that VoIP inherits security vulnerabilities from the Internet and that encryption, authentication, firewalls, and separating voice and data traffic are needed to secure VoIP networks.
This document discusses Internet of Things (IoT) security technologies. It describes how IoT security involves protecting devices, communication pipes, platforms and applications. It outlines Huawei's "3T+1M" IoT security framework which leverages technologies, scenarios and management to provide comprehensive protection. Examples of typical IoT security cases and how Huawei addresses threats at each layer of the IoT architecture are also presented.
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsEditor IJCATR
Due to extensive growth of the Internet and increasing availability of tools and methods for intruding and attacking
networks, intrusion detection has become a critical component of network security parameters. TCP/IP protocol suite is the defacto
standard for communication on the Internet. The underlying vulnerabilities in the protocols is the root cause of intrusions. Therefor
Intrusion detection system becomes an important element in network security that controls real time data and leads to huge
dimensional problem. Processing large number of packets and data in real time is very difficult and costly. Therefor data preprocessing
is necessary to remove redundant and unwanted information from packets and clean network data. Here, we are focusing on
two important aspects of intrusion detection; one is accuracy and other is performance. The layered approach of TCP/IP model can be
applied to packet pre-processing to achieve early and faster intrusion detection. Motivation for the paper comes from the large impact
data preprocessing has on the accuracy and capability of anomaly-based NIPS. In this paper it is demonstrated that high attack
detection accuracy can be achieved by using layered approach for data preprocessing in Internet. To reduce false positive rate and to
increase efficiency of detection, the paper proposed framework for preprocessing in intrusion prevention system. We experimented
with real time network traffic as well as he KDDcup99 dataset for our research.
GENBAND has implemented a multi-layer security architecture and threat mitigation solution using session border controllers to protect VoIP networks from security vulnerabilities like denial of service attacks, theft of service, and others. The solution uses deep packet inspection, access control, topology hiding, and other methods at the network, session, and application layers to detect and prevent a wide range of threats. It can process traffic at wire speeds even during attacks to minimize disruption.
This document provides an overview of Denial of Service (DoS) attacks on Session Initiation Protocol (SIP) based Voice over Internet Protocol (VoIP) infrastructure. It first introduces VoIP and SIP, describing SIP components and messages. It then discusses security issues with SIP such as eavesdropping, message tampering, and spoofing. Several types of SIP DoS attacks are classified, including SIP message payload tampering, SIP message flow tampering, and SIP message flooding attacks. The document concludes by stating that SIP DoS attacks can render SIP services inoperable and discussing previous work on analyzing the robustness of SIP servers under DoS attacks.
The document provides an overview of security requirements and constraints for voice over IP (VoIP) systems. It discusses security characteristics of existing VoIP protocols like H.323 and SIP, including authentication and encryption capabilities. It then lists key security requirements for VoIP like dynamic firewall control, bandwidth management, and encryption of signaling and media traffic. Finally, it analyzes security constraints imposed by factors like delay sensitivity of real-time voice, which can impact the use of public-key cryptography for authentication between all devices in the network.
Madhumita Routray presented on Internet Protocol Telephony. The presentation covered:
1. IP telephony uses IP networks to transmit voice traffic instead of traditional telephone networks. It has lower costs and provides more features.
2. The architecture includes end devices, gateways, and gatekeepers. Protocols like H.323 and SIP are used to connect the different components.
3. IP telephony works by digitizing voice into packets that are transmitted over IP networks and reassembled at their destination. There are challenges around quality of service and integrating with traditional telephone networks.
The document discusses techniques for detecting denial-of-service (DoS) attacks in Session Initiation Protocol (SIP)-based Voice over IP (VoIP) networks. It reviews several proposed detection mechanisms, including statistical detection using Hellinger's distance, a double-layered architecture using traffic scanning, and a distributed filtering mechanism. It also summarizes a mitigation mechanism that analyzes SIP messages and calls and a technique using entropy analysis to identify attacks. Overall, the document surveys different existing approaches for detecting DoS attacks that aim to disrupt availability in SIP-based VoIP networks.
This paper presents a brief study of recent advances in wireless network security issues. The paper makes a number of contributions to the wireless networking field. First, it studies the 4G mail threats and risk and their design decisions. Second, the security of 4G architecture with next generation network security and 8-security dimensions of 4G network. Third, security issues and possible threats on 4G are discussed. Finally, we proposed four layer security model which manages to ensure more secure packets transmission by taking all the necessary security measures.
This document summarizes a research paper on VoIP security. It discusses two important VoIP protocols, SIP and H.323, and analyzes their security features. It also defines new functionality for negotiating security mechanisms between SIP entities. Several security issues are identified for VoIP, such as denial of service attacks. Solutions to improve VoIP security include encryption at endpoints, using SRTP, better scheduling, and resolving NAT/IPsec incompatibilities.
Voice over Internet Protocol (VoIP) is replacing legacy telephone networks by carrying digitized voice in IP data packets over data networks. This chapter introduces VoIP, comparing it to legacy telephone networks, and discusses VoIP standards and protocols. It also introduces WiMAX networks and discusses supporting QoS for multimedia like VoIP over WiMAX. The objectives are to guarantee QoS for multiple service classes over WiMAX and improve VoIP performance. Simulation using OPNET Modeler will analyze VoIP traffic and QoS parameters over WiMAX.
Variables in a Research Study and Data CollectionIn this assignmen.docxdaniahendric
Variables in a Research Study and Data Collection
In this assignment, you will explore the variables involved in a research study.
Complete the following tasks:
Read the following articles from the Cumulative Index to Nursing and Allied Health Literature (CINAHL) Database in the South University Online Library.
Lee, A., Craft-Rosenberg, M. (2010). Ineffective family participation in
professional care: A concept analysis of a proposed nursing
diagnosis.
Nurs Diagn
. 2002 Jan-Mar;
13
(1), 5–14.
Witt, C. M., Lüdtke, R., Willich, S. N. (2010). Homeopathic treatment
of patients with migraine: A prospective observational study with
a 2-year follow-up period.
J Altern Complement Med
. 2010 Apr;
16
(4), 347–55. doi: 10.1089/acm.2009.0376.
Read the process for data collection employed in both these studies. Compare the method used in each of them.
Provide a bulleted list of the five tasks performed as part of data collection in each of them. Click
here
to enter your responses in the organizer.
.
Variation exists in virtually all parts of our lives. We often see v.docxdaniahendric
Variation exists in virtually all parts of our lives. We often see variation in results in what we spend (utility costs each month, food costs, business supplies, etc.). Consider the measures and data you use (in either your personal or job activities). When are differences (between one time period and another, between different production lines, etc.) between average or actual results important? How can you or your department decide whether or not the observed differences over time are important? How could using a mean difference test help?
.
More Related Content
Similar to AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
A Presentation by:
REMMY NWEKE, 2016 Fellow, Cyber Security Policy Defender
Secretary, Cyber Security Experts Association of Nigeria (CSEAN)
Lagos Branch
To mark the Cyber Security Awareness Campaign,
October 2016
The document provides an overview of Voice over IP (VoIP) including its benefits and requirements. VoIP allows phone calls to be made over an IP network like the internet rather than the traditional public switched telephone network. It provides benefits like reduced costs and integrated services. However, deploying VoIP requires addressing requirements around services, quality of service, security, billing and network interconnection to provide equivalence to the PSTN. The document also discusses protocols used for VoIP like OSI and layers of the OSI model.
IRJET- Security Analysis and Improvements to IoT Communication Protocols ...IRJET Journal
This document discusses security issues with the Constrained Application Protocol (CoAP) which is commonly used for Internet of Things (IoT) communication. It first provides background on CoAP, including its architecture and use of Datagram Transport Layer Security (DTLS) for security. However, the document notes that while DTLS provides some security, it is not fully sufficient to protect data at large volumes. The document then reviews literature on security issues at different layers of IoT systems, such as perception, physical, and network layers. Specific attacks discussed include jamming, node tampering, man-in-the-middle, denial of service, and eavesdropping. The aim of the paper is to analyze CoAP security
The transport layer is responsible for host-to-host communication and provides services like reliable data transfer, flow control, and multiplexing. Common transport layer protocols include TCP and UDP, which provide connection-oriented and connectionless services respectively, and help applications exchange data over network layers. The transport layer sits above the network layer and below the application layer in network stacks.
This document provides an overview of security issues in WiMAX networks and proposes solutions. It discusses three main security goals in wireless networks: confidentiality, integrity, and authentication. It then describes WiMAX security architecture, including data link layer security with encryption sublayers, and protocol layer security schemes like RSA authentication and EAP authentication. Potential threats to WiMAX security are outlined, such as rogue base stations, DoS attacks, man-in-the-middle attacks, and threats in the physical layer like blocking and rushing. Finally, conclusions are drawn about precautions taken in WiMAX compared to earlier wireless standards.
This document discusses challenges facing corporate IT customer service, using Equity Bank as an example. It identifies customer satisfaction as a major problem, as customers often feel their needs are not properly addressed. The author proposes improving customer care by understanding customer needs and addressing them promptly. A project plan is outlined to intervene, with the goal of benefiting customers long-term. Key execution steps include understanding customers, empowering agents with real-time information, and focusing on consistent agent experiences through business process management.
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Dr. Amarjeet Singh
The growing volume of attacks on the Internet has
increased the demand for more robust systems and
sophisticated tools for vulnerability analysis, intrusion
detection, forensic investigations, and possible responses.
Current hacker tools and technologies warrant reengineering
to address cyber crime and homeland security. The being
aware of the flaws on a network is necessary to secure the
information infrastructure by gathering network topology,
intelligence, internal/external vulnerability analysis, and
penetration testing. This paper has as main objective to
minimize damages and preventing the attackers from
exploiting weaknesses and vulnerabilities in the 4 ways
handshake (WIFI).
We equally present a detail study on various attacks and
some solutions to avoid or prevent such attacks in WLAN.
This document discusses security issues related to Voice over Internet Protocol (VoIP). It begins by explaining what VoIP is and some of its early implementations. It then describes the basic protocols and protocol stacks used for VoIP signaling and sessions, including H.323, SIP, and RTP. The document outlines various roles in VoIP systems, such as administrators and operators. It identifies common attacks against VoIP networks like theft of service, man-in-the-middle attacks, IP spoofing, and denial-of-service attacks. It concludes that VoIP inherits security vulnerabilities from the Internet and that encryption, authentication, firewalls, and separating voice and data traffic are needed to secure VoIP networks.
This document discusses Internet of Things (IoT) security technologies. It describes how IoT security involves protecting devices, communication pipes, platforms and applications. It outlines Huawei's "3T+1M" IoT security framework which leverages technologies, scenarios and management to provide comprehensive protection. Examples of typical IoT security cases and how Huawei addresses threats at each layer of the IoT architecture are also presented.
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsEditor IJCATR
Due to extensive growth of the Internet and increasing availability of tools and methods for intruding and attacking
networks, intrusion detection has become a critical component of network security parameters. TCP/IP protocol suite is the defacto
standard for communication on the Internet. The underlying vulnerabilities in the protocols is the root cause of intrusions. Therefor
Intrusion detection system becomes an important element in network security that controls real time data and leads to huge
dimensional problem. Processing large number of packets and data in real time is very difficult and costly. Therefor data preprocessing
is necessary to remove redundant and unwanted information from packets and clean network data. Here, we are focusing on
two important aspects of intrusion detection; one is accuracy and other is performance. The layered approach of TCP/IP model can be
applied to packet pre-processing to achieve early and faster intrusion detection. Motivation for the paper comes from the large impact
data preprocessing has on the accuracy and capability of anomaly-based NIPS. In this paper it is demonstrated that high attack
detection accuracy can be achieved by using layered approach for data preprocessing in Internet. To reduce false positive rate and to
increase efficiency of detection, the paper proposed framework for preprocessing in intrusion prevention system. We experimented
with real time network traffic as well as he KDDcup99 dataset for our research.
GENBAND has implemented a multi-layer security architecture and threat mitigation solution using session border controllers to protect VoIP networks from security vulnerabilities like denial of service attacks, theft of service, and others. The solution uses deep packet inspection, access control, topology hiding, and other methods at the network, session, and application layers to detect and prevent a wide range of threats. It can process traffic at wire speeds even during attacks to minimize disruption.
This document provides an overview of Denial of Service (DoS) attacks on Session Initiation Protocol (SIP) based Voice over Internet Protocol (VoIP) infrastructure. It first introduces VoIP and SIP, describing SIP components and messages. It then discusses security issues with SIP such as eavesdropping, message tampering, and spoofing. Several types of SIP DoS attacks are classified, including SIP message payload tampering, SIP message flow tampering, and SIP message flooding attacks. The document concludes by stating that SIP DoS attacks can render SIP services inoperable and discussing previous work on analyzing the robustness of SIP servers under DoS attacks.
The document provides an overview of security requirements and constraints for voice over IP (VoIP) systems. It discusses security characteristics of existing VoIP protocols like H.323 and SIP, including authentication and encryption capabilities. It then lists key security requirements for VoIP like dynamic firewall control, bandwidth management, and encryption of signaling and media traffic. Finally, it analyzes security constraints imposed by factors like delay sensitivity of real-time voice, which can impact the use of public-key cryptography for authentication between all devices in the network.
Madhumita Routray presented on Internet Protocol Telephony. The presentation covered:
1. IP telephony uses IP networks to transmit voice traffic instead of traditional telephone networks. It has lower costs and provides more features.
2. The architecture includes end devices, gateways, and gatekeepers. Protocols like H.323 and SIP are used to connect the different components.
3. IP telephony works by digitizing voice into packets that are transmitted over IP networks and reassembled at their destination. There are challenges around quality of service and integrating with traditional telephone networks.
The document discusses techniques for detecting denial-of-service (DoS) attacks in Session Initiation Protocol (SIP)-based Voice over IP (VoIP) networks. It reviews several proposed detection mechanisms, including statistical detection using Hellinger's distance, a double-layered architecture using traffic scanning, and a distributed filtering mechanism. It also summarizes a mitigation mechanism that analyzes SIP messages and calls and a technique using entropy analysis to identify attacks. Overall, the document surveys different existing approaches for detecting DoS attacks that aim to disrupt availability in SIP-based VoIP networks.
This paper presents a brief study of recent advances in wireless network security issues. The paper makes a number of contributions to the wireless networking field. First, it studies the 4G mail threats and risk and their design decisions. Second, the security of 4G architecture with next generation network security and 8-security dimensions of 4G network. Third, security issues and possible threats on 4G are discussed. Finally, we proposed four layer security model which manages to ensure more secure packets transmission by taking all the necessary security measures.
This document summarizes a research paper on VoIP security. It discusses two important VoIP protocols, SIP and H.323, and analyzes their security features. It also defines new functionality for negotiating security mechanisms between SIP entities. Several security issues are identified for VoIP, such as denial of service attacks. Solutions to improve VoIP security include encryption at endpoints, using SRTP, better scheduling, and resolving NAT/IPsec incompatibilities.
Voice over Internet Protocol (VoIP) is replacing legacy telephone networks by carrying digitized voice in IP data packets over data networks. This chapter introduces VoIP, comparing it to legacy telephone networks, and discusses VoIP standards and protocols. It also introduces WiMAX networks and discusses supporting QoS for multimedia like VoIP over WiMAX. The objectives are to guarantee QoS for multiple service classes over WiMAX and improve VoIP performance. Simulation using OPNET Modeler will analyze VoIP traffic and QoS parameters over WiMAX.
Similar to AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx (20)
Variables in a Research Study and Data CollectionIn this assignmen.docxdaniahendric
Variables in a Research Study and Data Collection
In this assignment, you will explore the variables involved in a research study.
Complete the following tasks:
Read the following articles from the Cumulative Index to Nursing and Allied Health Literature (CINAHL) Database in the South University Online Library.
Lee, A., Craft-Rosenberg, M. (2010). Ineffective family participation in
professional care: A concept analysis of a proposed nursing
diagnosis.
Nurs Diagn
. 2002 Jan-Mar;
13
(1), 5–14.
Witt, C. M., Lüdtke, R., Willich, S. N. (2010). Homeopathic treatment
of patients with migraine: A prospective observational study with
a 2-year follow-up period.
J Altern Complement Med
. 2010 Apr;
16
(4), 347–55. doi: 10.1089/acm.2009.0376.
Read the process for data collection employed in both these studies. Compare the method used in each of them.
Provide a bulleted list of the five tasks performed as part of data collection in each of them. Click
here
to enter your responses in the organizer.
.
Variation exists in virtually all parts of our lives. We often see v.docxdaniahendric
Variation exists in virtually all parts of our lives. We often see variation in results in what we spend (utility costs each month, food costs, business supplies, etc.). Consider the measures and data you use (in either your personal or job activities). When are differences (between one time period and another, between different production lines, etc.) between average or actual results important? How can you or your department decide whether or not the observed differences over time are important? How could using a mean difference test help?
.
Valerie Matsumoto's "Desperately Seeking "Deirde": Gender Roles, Multicultural Relations, and Nisei Women Writers of the 1930s," focuses on the writings of Deirde, a second generation Japanese American advice columnist. But as the abstract of this piece suggests, Matsumoto was not so much interested in the advice Deirde was giving her readers as much as she was interested in the questions her readers were asking the "Dear Abby"of their community in the mid-1930s to early 1940s. What were they asking about? From Deidre's columns, what were some of the concerns of the Japanese-American community during 1935-1941? While it is of extreme importance to study the experience of the Japanese-Americans during World War II , Matsumoto argues that it is also of importance to study the pre-war lives of Japanese-Americans. Why? What did these concerns reveal about the Japanese-American experience in the United States during this time period?
.
valerie is a 15 year old girl who has recently had signs of a high f.docxdaniahendric
valerie is a 15 year old girl who has recently had signs of a high fever, her parents took her to the ER and the test results say she has a bacterial infection and her white blood cells are trapping bacteria it is not binding with the vacuole and releasing necessarg enzymes to break the cell wall. What disease does valerie have?
.
Utilizing the Statement of Financial Position on page 196 of the Acc.docxdaniahendric
Utilizing the Statement of Financial Position on page 196 of the Accounting Fundamentals for Health Care Management text book (see attachement), compare the figures for 2013 and 2012. Compose a narrative of possible explanations for the documented charges in the year-end figures for the organization. Your response should be a minimum of 200 words in length and submitted in a Word document, utilizing APA format.
See attachment referencing Statement of Financial Position
.
Utech Company has income before irregular items of $307,500 for the .docxdaniahendric
Utech Company has income before irregular items of $307,500 for the year ended December 31, 2014. It also has the following items (before considering income taxes): (1) an extraordinary fire loss of $53,000 and (2) a gain of $27,100 from the disposal of a division. Assume all items are subject to income taxes at a 39% tax rate.
Prepare Utech Company’s income statement for 2014, beginning with “Income before irregular items.”
.
Using your work experience in the public and nonprofit sector, and t.docxdaniahendric
Using your work experience in the public and nonprofit sector, and the knowledge you have gained in this MPA program as a guide, address the following question in a detailed fashion:
What methods, specifically, have citizens utilized to influence and become involved in the budgeting and financial management arenas in the public sphere? Which movements or strategies have been most successful from a citizen perspective? To what degree do budgeting professionals and public administrators seek and consider this citizen involvement? What will be the trend for the future with regard to citizen participation in the process?
.
Using your textbook, provide a detailed and specific definition to.docxdaniahendric
Using your textbook, provide a detailed and specific definition to the following terms:
Transformation Leadership
Transactional Leadership
Laissez-Faire Leadership
Idealized Influence
Inspirational Motivation
Intellectual Stimulation
Idealized Consideration
Contingent Reward
Management by Exception
Kouzes and Posner wrote a book entitled the
Leadership Challenge
in which they identified five practices of exemplary leaders. Using your textbook and Internet sources, discuss the five practices and give examples of leadership behaviors that would illustrate the practice. (1 page minimum)
.
Using your text and at least one scholarly source, prepare a two to .docxdaniahendric
Using your text and at least one scholarly source, prepare a two to three page paper (excluding title and reference page), in APA format, on the following:
Explain the difference between Charity Care and Bad Debt in a healthcare environment.
Explain how the patient financial services personnel assist in determining which category the uncollectible account should be placed.
Discuss the financial implications of gross uncollectibles on the bottom line of the healthcare institution, and explain how these are recorded on the financial statements.
This is the textbook that we are on:
Epstein, L. & Schneider, A. (2014).
Accounting for Health Care Professionals
. San Diego, CA: Bridgepoint Education, Inc.
.
Using Walgreen Company as the target organization complete the.docxdaniahendric
Using
Walgreen Company
as the target organization complete the following three-step process:
First, conduct an external assessment and complete either an EFE or CPM. Use the following five websites in conducting your assessment:
http://marketwatch.com
www.hoovers.com
http://moneycentral.msn.com
http://us.etrade.com/e/t/invest/markets
http://globaledge.msu.edu/industries
Second, conduct an internal assessment and complete an IFE. Use the following documents, which may be found in the target organization’s corporate website:
Most current Form10K document
Most current Annual Report
Then develop a well-written paper describing the findings that you discovered by
analyzing the data
from the external assessment and from the internal assessment.
Present facts.
Consider putting some of the data into a graphical display (chart, figure, table) to present information in a clear way. Use citations to substantiate your ideas. Insert the completed matrixes as appendixes and reference them within the body of the paper according to APA standards.
Your paper should meet the following requirements:
Be 2-3 pages in length
Be formatted according to
APA GUIDELINES
Cite a minimum of three outside sources.
Include all required elements, including a reference page and required appendixes.
.
Using the text book and power point on Interest Groups, please ans.docxdaniahendric
Interest groups use various tactics to influence political parties and policymakers, including lobbying. There are different types of interest groups, with some being more powerful in certain states than others. Lobbyists represent interest groups and try to sway legislators through various approved methods outlined in the attached powerpoint presentation.
Using the template provided in attachment create your own layout.R.docxdaniahendric
Using the template provided in attachment create your own layout.
Review the Goals
Who is the Persona you are trying to reach?
Use the "How to Change Consumer Behavior" file
Integrate social media
A Twitter feed needs to be on the Home Page
Use a Site Architecture Excel File to let the IT Developer know sub menus
Simplify wherever you can. What is the 1 message you want the viewer to remember?
.
Using the simplified OOD methodologyWrite down a detailed descrip.docxdaniahendric
The document provides instructions for using the simplified Object-Oriented Design (OOD) methodology to design software for a police department. The methodology involves writing a description of the problem, identifying relevant nouns and verbs, selecting objects from the nouns and their data components, selecting operations from the verbs, and writing a paper proposing classes with data members and methods for tracking people, property, and criminal activity.
Using the text, Cognitive Psychology 5 edition (Galotti, 2014), .docxdaniahendric
Using the text,
Cognitive Psychology 5 edition
(Galotti, 2014), the University Library, the Internet, and/or other resources, answer the following questions. Your response to each question should be at least 150 words in length.
1.
What is primary memory? What are the characteristics of primary memory?
2.
What is the process of memory from perception to retrieval? What happens when the process is compromised?
3.Is it possible for memory retrieval to be unreliable? Why or why not? What factors may affect the reliability of one’s memory?
.
Using the Tana Basin in Kenya,1.Discuss the water sources and .docxdaniahendric
Using the Tana Basin in Kenya,
1.
Discuss the water sources and their quality - ( 5 marks)
2.
Outline the factors that influence their potential uses - (5 marks)
3.
Identify and map the current users of water in the catchment - (15 marks)
4.
Map the potential source of pollution in the catchment - (5 marks)
Need three pages APA format.
.
Using the template provided in a separate file, create your own la.docxdaniahendric
Using the template provided in a separate file, create your own layout.
Review the Goals
Who is the Persona you are trying to reach?
Use the "How to Change Consumer Behavior" file
Integrate social media
A Twitter feed needs to be on the Home Page
Use a Site Architecture Excel File to let the IT Developer know sub menus
Simplify wherever you can. What is the 1 message you want the viewer to remember?
.
Using the template provided in attachment create your own layo.docxdaniahendric
The document provides instructions for creating a website layout using the provided template, reviewing goals, identifying the target persona, integrating information from an attached file on changing consumer behavior, including a Twitter feed on the home page, using an Excel file to communicate the site architecture and submenus to developers, and simplifying the design to focus on one key message for viewers.
Using the Sex(abled) video, the sexuality section in the Falvo text.docxdaniahendric
Using the "Sex(abled) video, the sexuality section in the Falvo text (Chapter 12), and your own thoughts and experiences as context, describe prominent issues related to forming intimate relationships by people with intellectual disabilities. You may consider the viewpoints from caregivers and family members, educators, societal attitudes, counselors or support personnel, and viewpoints from people with disabilities. You may include disabilities outside of intellectual disabilities if you wish.
Watch Video: Sexuality and Relationships
.
Using the required and recommended resources from this week and last.docxdaniahendric
Using the required and recommended resources from this week and last, as well as ‘found’ resources, identify at least one specific example of groups or individuals in your community, state, or at the national level that exemplify the following themes and include a brief description of why you feel this example meets the concept. Add a link for any ‘found’ resources.
Works “with” young people rather than conducting activities “for” them.
Creates an atmosphere that sparks young people’s aspirations.
Digs deep and incorporates key elements of authentic youth involvement by making sure that:
Youth are valued and heard
Youth shape the action agenda
Youth build assets for and with each other
Why is it important for programs and or organizations to work “with” young people rather than “for” them?
.
Using the Internet, textbook or related resources, research the crea.docxdaniahendric
Using the Internet, textbook or related resources, research the creation and role of the Federal Reserve. Then in a 1-2 page paper, address the following:
When was the Federal Reserve created and for what purpose?
How does the Federal Reserve manipulate our economy to foster economic growth?
Research at
least three
specific policies instituted by the Federal Reserve.
Finally give an analysis as to why or why not you feel these policies were successful. Remember to support your position with cited sources
Due Sunday 11/30/14 at 11am CST, in APA format with APA bibliography
.
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar Kanvaria
A workshop hosted by the South African Journal of Science aimed at postgraduate students and early career researchers with little or no experience in writing and publishing journal articles.
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UPRAHUL
This Dissertation explores the particular circumstances of Mirzapur, a region located in the
core of India. Mirzapur, with its varied terrains and abundant biodiversity, offers an optimal
environment for investigating the changes in vegetation cover dynamics. Our study utilizes
advanced technologies such as GIS (Geographic Information Systems) and Remote sensing to
analyze the transformations that have taken place over the course of a decade.
The complex relationship between human activities and the environment has been the focus
of extensive research and worry. As the global community grapples with swift urbanization,
population expansion, and economic progress, the effects on natural ecosystems are becoming
more evident. A crucial element of this impact is the alteration of vegetation cover, which plays a
significant role in maintaining the ecological equilibrium of our planet.Land serves as the foundation for all human activities and provides the necessary materials for
these activities. As the most crucial natural resource, its utilization by humans results in different
'Land uses,' which are determined by both human activities and the physical characteristics of the
land.
The utilization of land is impacted by human needs and environmental factors. In countries
like India, rapid population growth and the emphasis on extensive resource exploitation can lead
to significant land degradation, adversely affecting the region's land cover.
Therefore, human intervention has significantly influenced land use patterns over many
centuries, evolving its structure over time and space. In the present era, these changes have
accelerated due to factors such as agriculture and urbanization. Information regarding land use and
cover is essential for various planning and management tasks related to the Earth's surface,
providing crucial environmental data for scientific, resource management, policy purposes, and
diverse human activities.
Accurate understanding of land use and cover is imperative for the development planning
of any area. Consequently, a wide range of professionals, including earth system scientists, land
and water managers, and urban planners, are interested in obtaining data on land use and cover
changes, conversion trends, and other related patterns. The spatial dimensions of land use and
cover support policymakers and scientists in making well-informed decisions, as alterations in
these patterns indicate shifts in economic and social conditions. Monitoring such changes with the
help of Advanced technologies like Remote Sensing and Geographic Information Systems is
crucial for coordinated efforts across different administrative levels. Advanced technologies like
Remote Sensing and Geographic Information Systems
9
Changes in vegetation cover refer to variations in the distribution, composition, and overall
structure of plant communities across different temporal and spatial scales. These changes can
occur natural.
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
it describes the bony anatomy including the femoral head , acetabulum, labrum . also discusses the capsule , ligaments . muscle that act on the hip joint and the range of motion are outlined. factors affecting hip joint stability and weight transmission through the joint are summarized.
Strategies for Effective Upskilling is a presentation by Chinwendu Peace in a Your Skill Boost Masterclass organisation by the Excellence Foundation for South Sudan on 08th and 09th June 2024 from 1 PM to 3 PM on each day.
हिंदी वर्णमाला पीपीटी, hindi alphabet PPT presentation, hindi varnamala PPT, Hindi Varnamala pdf, हिंदी स्वर, हिंदी व्यंजन, sikhiye hindi varnmala, dr. mulla adam ali, hindi language and literature, hindi alphabet with drawing, hindi alphabet pdf, hindi varnamala for childrens, hindi language, hindi varnamala practice for kids, https://www.drmullaadamali.com
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...PECB
Denis is a dynamic and results-driven Chief Information Officer (CIO) with a distinguished career spanning information systems analysis and technical project management. With a proven track record of spearheading the design and delivery of cutting-edge Information Management solutions, he has consistently elevated business operations, streamlined reporting functions, and maximized process efficiency.
Certified as an ISO/IEC 27001: Information Security Management Systems (ISMS) Lead Implementer, Data Protection Officer, and Cyber Risks Analyst, Denis brings a heightened focus on data security, privacy, and cyber resilience to every endeavor.
His expertise extends across a diverse spectrum of reporting, database, and web development applications, underpinned by an exceptional grasp of data storage and virtualization technologies. His proficiency in application testing, database administration, and data cleansing ensures seamless execution of complex projects.
What sets Denis apart is his comprehensive understanding of Business and Systems Analysis technologies, honed through involvement in all phases of the Software Development Lifecycle (SDLC). From meticulous requirements gathering to precise analysis, innovative design, rigorous development, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: May 29, 2024
Tags: Information Security, ISO/IEC 27001, ISO/IEC 42001, Artificial Intelligence, GDPR
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
General Data Protection Regulation (GDPR) - Training Courses - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
This presentation includes basic of PCOS their pathology and treatment and also Ayurveda correlation of PCOS and Ayurvedic line of treatment mentioned in classics.
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
1. Abstract
Voice over Internet Protocol (VoIP) is an advanced
telecommunication technology which transfers the voice/video
over
high speed network that provides advantages of flexibility,
reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many
organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured
framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP
cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense
mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video
watermarking and extraction technique and Liveness
Voice Detection (LVD) technique with biometric features such
as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from
misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University,
Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection,
VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
2. 1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to
each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resources are retrieved from the
cloud data center through web applications and soft-
ware, instead of a direct link to server3. Information and
applications are stored on cloud servers in a distributed
3. fashion. Apart from cloud computing characteristics
such as on demand service, resource pooling, opti-
mize resource allocation, pay as you go, elasticity and
scalability4,5, VoIP cloud contains mainly six components
as shown in Figure 2.
*Author for correspondence
Indian Journal of Science and Technology, Vol 9(6), DOI:
10.17485/ijst/2016/v9i6/81980, February 2016
ISSN (Print) : 0974-6846
ISSN (Online) : 0974-5645
A Comprehensive Survey of Security Issues and Defense
Framework for VoIP Cloud
Indian Journal of Science and Technology2 Vol 9 (6) | February
2016 | www.indjst.org
1.2.2 DHCP Server
It is used for dynamically distributing network configu-
ration parameters such as Internet Protocol (IP) address,
address of TFTP server etc.
1.2.3 Application Server
These servers are designed to install, host and operate
applications and provide services to end users, IT
industries and organizations.
1.2.4 Time Server
The main principle of time server is to maintain syn-
chronization over the network. The actual time from
server clock is distributed to its clients using a computer
4. network.
1.2.5 TFTP Server
It helps to update the network configuration used by the
phones, routers, firewalls and perhaps provide a setting
file that might contain operational parameters for VoIP
network. e.g., software updates, codec used in a particular
region.
1.2.6 Intrusion Prevention System (IPS)
It monitors networks and systems behavior for malicious
instances. The major roles of intrusion prevention sys-
tems are to find out suspicious instances and their log
information, try to block/stop them and report to con-
cern admin.
2. Literature Review
VoIP technology was started in February 1995 by
Vocaltec, Inc. in Israel. It transfers the voice over high
speed network, cheaper comparing to PSTN and reach-
able to everywhere through internet by loon developed by
Google with 4G LTE speed6.
2.1 VoIP Security Issues
VoIP transfers the voice over the data network through
different network elements such as switches and rout-
ers. Connecting PSTN to internet i.e. VoIP as a carrier
for voice/video traffic, the security problems are not only
common in circuit switch network (PSTN, POTS) such
as eavesdropping (tapping) and toll fraud attack but also
15
42. Liao HJ, Lin CHR, Lin YC, Tung KY. Intrusion detection
system: A comprehensive review.
5. Journal of Network and Computer Applications. 2013;
36(1):16–24.
43. Audiopedia. Honeypot (computing). Available from:
https://www.youtube.com/watch?v=2fXAw33jOBk. [Cited 2014
Dec].
44. Goel R, Sardana A, Joshi RC. Wireless honeypot:
framework, architectures and tools.
International Journal of Network Security. 2013; 15(5):373–83.
45. Li Z, Grochulla M, Thormahlen T. Multiple active speaker
localization based on audio-
visual fusion in two stages. Proceedings IEEE International
Conference on Multisensor
Fusion Integration Intelligence Systems (MFI); Hamburg:
Germany; 2012. p. 262–68.
46. Zhu ZY, He QH, Feng XH, Xiongli Y, Wang ZF. Liveness
detection using time drift
between lip movement and voice. Proceedings IEEE
International Conference on Machine
Learning Cybernetics (ICMLC); Tianjin: China; 2013. p. 973–
78.
47. Chetty G. Biometric liveness detection based on cross modal
fusion. IEEE 12th International
Conference on Information Fusion (FUSION). Seattle: WA;
2009. p. 2255–62.
Figure 1. VoIP layer architecture.
Figure 1. VoIP layer architecture.
6. 16
Figure 2. VoIP cloud architecture.
Figure 3. Proposed VoIP cloud architecture.
Figure 4. Video watermarking scheme for signaling message.
Figure 2. VoIP cloud architecture.
1.2.1 Call Server
Phones are registered with this component. It handles
security and admission control while connecting the
phones. The Voice data of a call carried by the transport
protocol may or may not flow through the call server.
Ashutosh Satapathy and L. M. Jenila Livingston
Indian Journal of Science and Technology 3Vol 9 (6) | February
2016 | www.indjst.org
problems related to IP network. Security issues in VoIP
are broadly classified into three categories.
7. 2.1.1 Real Time Issues
From last decade onwards, VoIP is used for several illegal
activities such as hacking, terrorism, match fixing etc.
Recently in October 2014, phone Hackers had broken
into the phone network of the company, Foreman Seeley
Fountain Architecture and routed $166, 000 worth of
calls from the firm to premium rate telephone numbers
in Gambia, Somalia and Maldives. It would have taken
34 years for the firm to run of those charges legitimately,
based on its typical phone bill.
2.1.2 Network Related Issues
Attacks related to destroy, block, expose, alter, disable,
steal or gain unauthorized access to information in VoIP
network (e.g. threats include social, denial of service, ser-
vice abuse, physical access, interruption of service etc.) are
listed in Table 1 followed by different types of attacks7,8.
2.1.3 Voice Related Issues
As VoIP system carries voice traffic, so victim’s voice can
be mimicked by an attacker/intruder. A talking and sing-
ing robot that mimics human vocalization, developed
by M. Kitani, Kagawa University is vulnerable to VoIP
communication9.
2.2 VoIP Attacks
This section deals with different types of VoIP attacks.
2.2.1 Physical Attacks
The attacker performs this attack by stealing, breaking
network equipment or direct control over equipment by
getting unauthorized access to prohibited area for seeking
of information. Some of the physical attacks are dumpster
diving, shoulder surfing, hardware key logger and overt
access etc. It can be prevented by keeping the documents
and records safely inside locker and electronic equipment
8. must be password protected. At last, outer layer security
can be provided by deploying security guards at enter and
exit points.
2.2.2 MAC Spoofing
The technique of masking a MAC address upon actual
MAC address through software emulation is known as
MAC spoofing. Here the hacker’s system is taken over
MAC address of one of the node which is already config-
ured and permitted as VoIP end device by disconnecting
or turning off it from rest of the network. It can be pre-
vented by number of ways10. When ARP packet arrives,
direct extraction of MAC address from LAN card and
from OS registry; Compare the MAC address of LAN
card with OS. If it doesn’t match, then delete the entry
from OS registry. Lock down the system by registering its
MAC address with a DHCP IP address. At last secure the
communication channel by encrypting it.
2.2.3 ARP Spoofing
Hacker spreads forgery Address Resolution Protocol
(ARP) packets inside VoIP network by modifying ARP
buffer. Here, attacker binds own system MAC address
with IP address of genuine server which causes the traffic
imply for server is diverted to attacker. It advances hacker
Table 1. VoIP network threats classification
Threat Type Description
Social threats These threats point straight against
individuals such as misconfigurations,
security holes or defective protocol
implementation in VoIP system. (e.g.,
Phishing, Theft of identity or Service,
9. Social engineering, Spam etc.)
Eavesdropping,
interception
and
modification
threats
These threats include illegal/ Un-
authorization access and modification
of signaling and transport message.
(e.g., Call rerouting, interception of RTP
sessions etc.)
Denial of
service threats
DoS threats repudiate individual access to
VoIP services. DDOS attacks strike all of
user’s or business transmission potentials.
(e.g., SYN/UDP floods, ICMP floods, etc.)
Service abuse
threats
These threats cause inappropriate utilization
of VoIP services when those facilities are
provided for business purposes. (e.g., toll
fraud and billing avoidance etc.)
Physical access
threats
These threats are illegal physical access to
10. VoIP devices or physical layer of the VoIP
network. (e.g., Hardware key logger, theft
of media, retrieval of discarded stuffs etc.)
Interruption of
services threats
These threats cause VoIP services/
facilities to unviable and unavailable.
(e.g., power loss due to bad climate,
resource consumption due to over
purchase/ extra subscription, issues that
degenerate call quality etc.)
A Comprehensive Survey of Security Issues and Defense
Framework for VoIP Cloud
Indian Journal of Science and Technology4 Vol 9 (6) | February
2016 | www.indjst.org
not only listen to VoIP calls but also reply and terminate
the VoIP calls intended for other. ARP poisoning followed
by denial service threats or eavesdropping, interception or
modification threats which cause severe damages to vic-
tim. So, Enhanced ARP can be implemented to prevent
ARP spoofing11.
2.2.4 IP Spoofing
Attacker gets into the VoIP network by tricking the IP
address of any authorized machine which helps him to
spread malicious message inside the network. IP spoofing
helps attacker to launch further attacks such as DoS attack,
theft of services, toll fraud etc. by impersonating autho-
rized host inside VoIP network. Basically IP spoofing can
11. be prevented with maximum probabilities by configuring
broader gateway router. First, router disallows incom-
ing packets for destination address coming from source
address within one network. Second, router disallows to
send packets from local network to another; those don’t
have source addresses within that local address range.
Y. Ma developed an effective trace route based method
for counter measure against IP spoofing and it is worked
with trusted adjacent nodes information i.e. acceptance of
packets for a node is completely depends upon trace route
result from its adjacent nodes12.
2.2.5 ICMP Flood
Internet Control Message Protocol (ICMP) is one of the
network layer protocols that carry error and query mes-
sages sent by either intermediate nodes or end node.
Attacker tries to overflow the receiver cache by flood the
respective node with ICMP packets. It forces the node to
drop successive ICMP packets until free space available
at node’s cache even if request packets come from genu-
ine node. Routers are configured to set optimum points
for traffic coming from different networks. It will help the
routers to not only block unnecessary ICMP packets by
matching ICMP requests and responses but also prevent
cache overflow. The VoIP system must be configured sepa-
rate VLAN for packets originating within a single network
which are monitored by firewall. Barbhuiya et al. have
developed an error detection framework to identify dif-
ferent types of ICMP attack13. It consists of two modules.
Verification module verifies origination of ICMP packets
and Congestion check module extracts bandwidth utili-
zation information using Simple Network Management
Protocol (SNMP).
2.2.6 TCP/ UDP Floods
In TCP flooding attack, hacker creates huge number of SYN
12. packets with abnormal source IP addresses and sends to
receiver. Receiver node allocates space in its Transmission
Control Buffer (TCB) to each SYN requests. In response
to SYN packets, receiver sends SYN+ACK packets and
waiting for ACK packets. The SYN+ACK packets carry
abnormal IP addresses cause failure to receive ACK
packets which prevents receiver node to clear TCP SYN
requests from buffer and buffer to overflow later. Attacker
can use TCP flood attack against VoIP signaling protocol
such as H.323 and SIP; as both are connection oriented
protocols. Haris et al. have succeed to detect TCP flood
attack in communication by analyzing payload and unus-
able area of the HTTP protocol (e.g., port, flags, source IP,
header length)14.
In UDP flood attack, large number of UDP packets
are created with arbitrary source addresses and port num-
bers and then sends to victim node. Receiver node will
check whether any processes are running on those ports
and find most of the ports are closed. In reply, receiver
node creates large number of destination unreachable
packets. Increase the number of ICMP packets causes
the victim node and the network to overflow. The UDP
flood attack prevents genuine nodes to communicate the
victim node at a particular span of time. Attacker can
use UDP flood attack against VoIP transport protocol
such as RTP and RTCP; as both are connection less pro-
tocol. Bardas et al. proposed a proportional packet rate
assumption technique to differentiate UDP traffic for
detecting forge IP addresses responsible for UDP flood
attacks15.
2.2.7 TCP/ UDP Replay
First, attacker tries to obtain network sensitive information
such as session cookies, password, voice data, signal-
ing data. The information captured by sniffing tools can
13. be used by attacker to take over the ongoing session.
Sometime victim’s voice can be impersonated by directly
playing back recorded voice data or slightly modifying
voice data and send to destination which helps the hacker
to retrieve more information between caller and callee.
Encrypt the sessions is the best way to stop penetration.
Ali et al. proposed an enhanced port knocking technique
to block TCP replay and port scanning attacks16. It is
worked on source port sequences authentication instead
of destination port sequence number.
Ashutosh Satapathy and L. M. Jenila Livingston
Indian Journal of Science and Technology 5Vol 9 (6) | February
2016 | www.indjst.org
2.2.8 SIP Registration Hijacking
VoIP phones use SIP or other signaling protocols to
register own MAC and IP addresses with call server. In
the reply, each phone will get unique call ID which allows
it to make or receive VoIP call. Attacker tries to capture
registration packets and replaces MAC address from
the packets with own MAC address. It helps the rogue
node to register with victim IP address which causes call
intending for victim node will be forwarded to attacker.
SIP registration hijacking allows burglars to track, block
and manipulate voice traffic. As end node registration is
based on TCP connection, attack will be prevented by
implementing SSL/TLS security policies 17.
2.2.9 Malformed Packets
The hacker creates malicious packets and forwards them
to nodes inside VoIP networks with the help of networking
protocols. The target node processes those packets, causes
14. open unnecessary ports and processes which degrade per-
formance of the nodes to handle VoIP traffic. New patches
and software will be installed to maintain the node up-to-
date and shutdown the security holes which are vulnerable
to attack. New generation firewalls must be installed to
provide protection against vulnerable packets by filtering
packets based on inbound rules, outbound rules and con-
nection security rules. Geneiatakis et al. have succeeded
in developing a framework that provides defense against
malformed packets for VoIP infrastructure18. The detec-
tion mechanism is based on signature detection which
consists of two parts. First one, general signature detec-
tion (e.g., SIP METHOD, SIP URI, HEADERS) applicable
to all the packets and second one is method specific (e.g.,
CALL-ID, Content-Type, INVITE _METHOD) differ
from packets to packets.
2.2.10 SIP Message Modification
In message modification attack, by running network
sniffing tools (e.g.,Wireshark), attacker penetrates traffic
and tries to modify signaling message for better control over
the VoIP network. Suppose a user initiates a call to victim’s
phone by sending SIP message to call server. Modification
of SIP messages confuses and forces the server to connect
rogue phone. User knows that he is connected to one user
but actually the traffic is routed to attacker. SIP message
modification is carried out by performing MITM attack
such as MAC spoofing, IP spoofing or ARP poisoning. As
SIP and RTP packets transmission are taken place over
TCP and UDP connection; VoIP traffic must be encrypted
by implementing SSL/TLS to prevent this attack17.
2.2.11 SIP Cancel/ Bye Attack
Host (zombie) must be configured in promiscuous mode
to lunch attack into VoIP network by sending SIP Cancel
15. or Bye packets. Abnormal packets are created and sent
to an IP phone from its connected IP phone by spoofing
its IP address which will proceed to terminate the ongo-
ing call. Attacker can perform this attack continuously
for certain period of time by spoofing more than one IP
addresses which causes denial of service attack. As both
signaling and transport protocols use no authentication
prior to data transmission, so, this attack can be prevented
by encrypt the communication channels. Second, provide
authentication between end device and call server and at
last verification of authenticity of signaling message by
end devices before processing 19.
2.2.12 SIP Malformed Command
In web based VoIP communication (e.g. Facebook,
Google Hangout), Hyper Text Markup Language (HTML)
plays a major role as it carries all the signaling informa-
tion/ command in its body. Parsing SIP command within
HTML code for all possible input is really a headache.
Attacker tries to inject malformed SIP command in input
field and send to server for processing as like SQL injec-
tion. In response either it breaks the server authentication
or degrades the performance of server and end devices.
In counter measure, whether packets are coming from
genuine user or not will be confirmed by call server by
verifying authenticity of SIP message before processing.
Dictionary and fuzzy tests must be performed on HTML
code that filtered tricky SIP malformed packets used to
exploit server. M. Su and C. Tsai propose two functions
to resists malformed SIP packets and flooding attack on
call servers20. First function filters malformed packets
and second one uses Chi-square test to measure flooding
attack on SIP server.
2.2.13 SIP Redirect
Call server cache maintains data structure of Phone’s
16. caller ID, corresponding MAC and IP address. Attacker
manipulates call server cache to confuse the call server
for call redirection. So, SIP packets coming for receiver
are redirected to attacker specified number. Attacker can
perform DoS and DDoS attack by redirecting a single call
A Comprehensive Survey of Security Issues and Defense
Framework for VoIP Cloud
Indian Journal of Science and Technology6 Vol 9 (6) | February
2016 | www.indjst.org
or all the calls to void device(s). So, call server must be
strong password protected and SIP must be authenticated
to prevent redirection attack19.
2.2.14 RTP Payload
Captured packets will be played later to listening the
conversation between the end users using sniffing tools.
Attacker can insert own voice inside RTP payload
which degrade the quality of conversation and some-
time changed in the meaning of conversation. In RTP
tampering, header fields (sequence number, synchroni-
zation source Identifier, payload type, timestamp etc.)
are tampered which make the packets either unusable
or delayed, causes rejection at receiver end. In RTP redi-
rection, header field of packets are modified with other
receiver caller id and IP address causes packets intending
for one will go to other. It can be prevented by configuring
VoIP network with Secure Real-Time Transport Protocol
(SRTP) instead of RTP21. It will encrypt the RTP packets
propagate between callers.
2.2.15 Buffer Overflow
17. Buffer is the temporary storage allocated by OS in physical
memory for processing data by computer program. Buffer
is mainly divided into four types such as code, data, stack
and heap segments. Attacker tries to perform buffer over-
flow attack by targeting at least one of the segments. It
helps to steal or modify the sensitive information or install
malicious code and execute it. Buffer overflow attacks are
mainly executed by four ways such as long jump, function
activation record, pointer subterfuge and malicious code
execution. It can be defended by writing secure code,
performing bound checking or static and dynamic code
analysis and runtime code instrumentation22.
2.2.16 Operating System
In VoIP communication network, IP phones, Call server,
TFTP server, gateway and DHCP server etc. requires
OS (e.g., Windows, Linux, Mac) to run. So, vulnerabili-
ties in OS make them vulnerable23. OS vulnerabilities
in VoIP phones are mainly of two types. Hard phones
have in build embedded OS which is less vulnerable
and more protected than soft phones. VoIP soft phones
are software packages which are installed on computers
connected to data network. Old hardware, unsupported
drivers, bad integration of APIs, unsecure administrator
APIs expose OS to attack. Like IP phones, web server
OS, DHCP server, and call manager can be exploited
by attacker for seeking of sensitive and crucial infor-
mation (e.g., password, IP table, VoIP configuration
file). As default configuration of OS is not secure, it is
exposed to malwares to install. Its execution opens well
known ports which helps attacker to run abnormal pro-
cesses (e.g., free call, toll fraud). It can be pre-empted by
hardening OS24.
2.2.17 Malwares
18. A vulnerable piece of executable codes or program used
by unknown third party to install in VoIP network and
bring down its performance by hook or crook. Malicious
programs or malwares are mainly classified as two cat-
egories, first one simple malwares and second one is
self-replicated malwares25. Logic bomb and Trojan horse
are come under non self-replicated/simple malware. Self-
replicating malware such as virus and worm, who spread
its infection over the network within few hours or days.
Trojan horses are dispatched over network for remote
control over victim VoIP phones. Logic bomb helps the
attacker to trigger other dangerous attacks (DoS, DDoS,
sniffing etc.) in timely manner. It will be prevented by
installing updated antivirus and patching up VoIP system
software on regular basis.
2.2.18 Application Flaws
As most of the VoIP communications are web based,
it’s vulnerable to two major application flaws such as
Structured Query Language (SQL) Injection attack and
cross site scripting attacks. In SQL Injection attack, mali-
cious commands are inserted in SQL statements to gain
unauthorized access to server database. It can be prevented
by implementing three primary defense mechanisms
such as defensive coding, SQL injection vulnerabilities
detection and runtime SQL injection attack prevention26.
In cross site scripting attack, hacker uses the advantages
of scripting languages to launch attack by injecting mali-
cious code inside the web application. It can be prevented
by configuring strong authentication and validation for
web based VoIP application27.
2.2.19 TFTP Server Insertion
Hacker tries to plant rouge TFTP server in the network
by disabling/ spoofing actual TFTP server. It forces IP
phones to receive wrong configuration information (e.g.,
19. Call ID, SIP server IP address and phone number) which
Ashutosh Satapathy and L. M. Jenila Livingston
Indian Journal of Science and Technology 7Vol 9 (6) | February
2016 | www.indjst.org
may provoke bill fraud attack. It will be prevented by
encrypting and authenticating the channel between IP
phones and TFTP server using TLS/ SSL. N. N. Mohamed
et al. suggested compression and encryption technique
to secure TFTP packets28. For compression, lossless
algorithm (e.g., Huffman coding) and for encryption,
symmetric encryption algorithm (e.g., AES, 3-DES) is
used. Diffie-Hellman Key Exchange algorithm is used for
distribution of symmetric key between client and server.
2.2.20 DHCP Server Starvation
Attacker generates random MAC addresses and creates
DHCP request for each MAC address. By flooding DHCP
server with DHCP requests, consumes DHCP IP pool
and to overflow later. It is to be continued until reserved
IP addresses DHCP timers will be expired. Dinu and
Togan proposed digital certificate based DHCP server
authentication to stop DHCP server starvation attack29. It
uses asymmetric key cryptography and digital certificates
for DHCP server authentication and verifying DHCP
response from it to prevent starvation.
2.3 Defense Mechanisms to Prevent Attacks
Defense mechanisms provide basic counter measures to
prevent potential VoIP attacks explained above are broadly
classified into twelve types and listed in Table 2 7,30.
20. 2.3.1 Physical Access Control (PAC)
Physical securities can be implemented mainly three
ways31. First, equipment should be placed and surrounded
by multi-layer barriers, which will prevent from natu-
ral disasters like cyclone, floods etc. (e.g., wall, multiple
locks, fireproof safes etc.). Second, deployment of surveil-
lance systems such as smoke and heat detectors, cameras,
alarms that decreases occurrences of manmade disasters
with maximum amount. At last, practices must be imple-
mented to prevent before any attack has been occur and
fast recovery from damages, if any attack has occurred.
2.3.2 ARP Cache Protection (ACP)
Static ARP cache entries allow maintaining manual
mapping between IP address to MAC address so that
Table 2. Defense mechanisms against attacks
Attacks
Defense
Mechanisms
1.
Ph
ys
ic
al
A
tt
ac
ks
29. PAC √
ACP √
OSP √ √ √ √
PA √ √ √ √ √ √ √ √ √ √ √ √ √ √ √ √ √
RC √ √
FC √ √ √
SVDT √ √ √ √ √ √ √ √ √ √ √ √ √ √ √ √
CA √ √
SA √ √ √ √ √ √ √
ME √
IDS √ √ √ √ √ √ √ √ √ √ √ √ √ √ √
Honeypot √ √
A Comprehensive Survey of Security Issues and Defense
Framework for VoIP Cloud
Indian Journal of Science and Technology8 Vol 9 (6) | February
2016 | www.indjst.org
reply packets are discarded. ARP anti-spoofing software
ignores ARP spoofing packets by it certification or
crosschecking of its responses. It can be integrated with
30. Dynamic Host Configuration Protocol (DHCP) server, so
that all static and dynamic IP addresses are certified before
used. Operating system security is provided by configur-
ing its registry files that prevent burglar to update ARP
cache. Registries files are found under HKEY_LOCAL_
MACHINESYSTEM folder. Yang, Yang and Ding
proposed a WinPcap driven system that monitors all ARP
packets for ARP spoofing32. WinPcap driver captures and
monitors the packets to verify whether the IP-MAC map-
ping is legal or not by checking packets coming from legal
hosts, before update the cache.
2.3.3 Operating System (OS) Protection (OSP)
OS protection requires vulnerability assessment and
management techniques such as patching OS holes, OS
hardening, updating security software, OS auditing, proper
priviligation to user accounts etc. Kaczmarek and Wrobel
proposed integrity checking and recovery (ICAR) protec-
tion model comprises of three layers and it’s responsible
for hash creation, verification and configuration of secu-
rity policies33. Data layer consists of sensitive information
and database that contains hashes and backup of highly
sensitive information. Kernel layer manages verification
of data integrity, authenticity and confidentiality. Utility
layer is responsible for configuring security policies and
controlling the host.
2.3.4 Port Authentication (PA)
Strong port authentication can provide defense against
interception, interruption and modification of traffic,
interoperability between old and new network protocols
and prevent malicious software execution. IEEE 802.1X
port based authentication supplies security credentials
such as user id, password or digital certificate to legal
user34. User has to use the credential for verification,
before access the resources. If server verifies the creden-
31. tials are valid, user is permitted to utilize the resources.
deGraaf, Aycock and Jacobson explained port knocking
where authentication data is communicated throughout
network ports to prevent unauthorized access35.
2.3.5 Router Configuration (RC)
Fraudulent route update packets are blocked by
configuring neighbor configuration. The configuration
is available in the following routing protocols such as
Boarder Gateway Protocol (BGP), DRP Server Agent,
Intermediate System-Intermediate System (IS-IS)
etc. Sehgal and Nath proposed secure routing proto-
col which has two phases36. In route discovery phase,
Source node initiates a request to discover a route from
source to destination. Route unitization phase, source
selects one of the route and the destination has to con-
firm that route by sending reply packet to source. Source
sends predecessor packet to notify intermediate nodes
on the route that they should anticipate certain amount
of data within a given time. When this packet reaches at
destination, source receives an acknowledgement from
destination. If not, there is a malicious user in between
the path.
2.3.6 Firewall Configuration (FC)
Firewalls mainly configured into three types such as
packet filters, stateful inspection and application proxy.
Packet filter monitors all the packets header fields such
as source and destination address, port number and pro-
tocol used based on predefined rules. Stateful inspection
firewall tracks network connection state and differentiate
packets based on the type of connection. It is also called
dynamic packet filtering firewall and its fail to examine
the content of the payload. Application proxy firewall
allows the entire traffic pass through a proxy server, which
32. verifies packets header including its content at application
level for any malicious activities. Chacon, Benhaddou and
Gurkan proposed Virtual Private Network (VPN) based
firewall that provides more security to Boarder Gateway
Router (BGR) by making voice information less vulner-
able to both inside and outside attack37.
2.3.7 Separate VoIP Data Traffic (SVDT)
In VoIP communication, both voice and data share
common medium for transmission which raises threats
against voice. Butcher, Li and Guo proposed separation
of voice from normal data flow can block a number of
attacks which are vulnerable to FTP, HTTP and SMTP
etc. 7. Separate physical network causes more expense,
so, it can be possible through VLAN technology. VLANs
are implemented by network switches allow routing on
same VLAN between devices. Both VoIP voice and data
are segmented using firewall where PCs are connected
to data segment and VoIP phone are connected to voice
segment.
Ashutosh Satapathy and L. M. Jenila Livingston
Indian Journal of Science and Technology 9Vol 9 (6) | February
2016 | www.indjst.org
2.3.8 Configuration Authentication (CA)
In VoIP telephony network obtaining the configuration
information from unwanted vulnerable server makes end
phones more sensitive to launch attacks. Danforth and
Gould described different ways of authenticating TFTP
server before downloading configuration file38. During
manufacturing time, the VoIP phones are configured
with public keys of different TFTP servers gives a way for
33. authentication. Another way the handsets are configured
with a key (public or secret) of TFTP server. After getting
own IP address and TFTP server IP address from DHCP
server, phone should establish a secure connection with
TFTP server using SSL/TLS. During handshaking, verifi-
cation happens using public key that phone contains and
private key of TFTP server.
2.3.9 Signaling Authentication (SA)
In VoIP network, SIP is used to establish, redirect or
terminate the connection. Internet Protocol Security
(IPSec) and SSL/TLS are used to provide strong authen-
tication and encryption against attack. Key agreement
protocol is used in small scale deployment where trust
being established between phones and server. Kilinc
and Yanik presented different authentication and key
management schemes for SIP protocols which mainly
include Password Authenticated Key Exchange (PAKE)
based schemes, Hash and Symmetric Encryption based
schemes, Public Key Cryptography (PKC) schemes and
ID Based and Weil Pairing based schemes39.
2.3.10 Medium Encryption (ME)
In VoIP, medium encryption is broadly classified into two
types such as symmetric and asymmetric encryption40.
Encryption strength is mainly depending upon the strength
of the algorithm and the size of key is used. In encryption
techniques key management and distribution also play an
important role41. To maintain confidentiality and integrity,
symmetric key is distributed with the help of the techniques
such as simple secret key distribution, secret key distribu-
tion with confidentiality and authentication and hybrid
key distribution. Public key sharing has taken place using
public announcement, publicly available directory, public
key authority or public key certificate techniques.
34. 2.3.11 Intrusion Detection System (IDS)
Hardware/ software are used to monitor network traffic
for malicious and unlawful actions and notify to admin by
warning message or raising alarm. Basically IDS is of two
types such as Network Intrusion Detection System and
Host Intrusion Detection System. It commonly uses three
methodologies to track down malicious activities. Signature
based detection is the valuable and straight forward meth-
ods to uncover known threats. Anomaly based detection is
effective one to identify new and expected threats. Stateful
protocol analysis tracks down protocols performance and
differentiates abnormal flow of commands. All these three
methods use five different approaches such as statistics
based, pattern based, rule based, state based and heuristic
based which were discussed by Liao, Lin, Lin and Tung42.
2.3.12 Honeypot
It is a trap set to detect, deflect or counter attempt at unau-
thorized use of information system which is seems to be
contain of information or resources of values to attackers.
It is classified based on their deployment and based on
their level of involvement43. Based on its deployment it’s
of two types, one is production honeypot and second one
is research honeypot. According to level of involvement
or design perspective, pure honeypot, higher interaction
honeypots, low interaction honeypots are three types
of honeypots. Goel, Sardana and Joshi presented a wide
range of honeypot systems and proposed framework for
honeypot system that enclose a broad range of honeypot
architectures and categories previous systems according
to framework based on attacks44.
3. Proposed Work
VoIP cloud with all security configurations as discuss
earlier is not enough to provide security against all the
35. threats discussed earlier. So, effective network based IPS
architecture using LVD technique is proposed for VoIP
cloud shown in Figure 3.
The proposed system involves twosteps process.
1) Video watermarking and extraction and 2) Verification
using LVD system
3.1 Video Watermarking and Extraction
There are several VoIP-specific protocols but they fall in
two categories: (i) transport protocols (e.g., RTP) and
(ii) signaling protocols (e.g., SIP). Transport protocols
carry the live video data after the proper the connection.
Signaling protocols executes control information like
CONNECT, DISCONNECT etc.
A Comprehensive Survey of Security Issues and Defense
Framework for VoIP Cloud
Indian Journal of Science and Technology10 Vol 9 (6) |
February 2016 | www.indjst.org
Sequence numbers play important roles to prevent SSL
attacks in real time communication. So at the first step
the sequence number is attached with the video/ frames
taken during the connection/disconnection time. Since
the control information is not a video data, it has to be
embedded with video using watermark embedding tech-
nique and forwarded to the server side for authentication
as illustrated in Figure 4. In the server side, the water-
marked video will be extracted and the video submitted
to the LVD for verification.
IPS in VoIP cloud not only monitors the packets
36. are coming from legitimate caller or not but also moni-
tors sequence number of packets and its content. In real
time communication succeeding packet sequence num-
ber always larger than current packet sequence number
and contents varies packet to packet and time to time
which helps IPS to prevent SSL attacks to be taken place.
If any packet with old sequence number or repetition of
information inside the payload, it will be dropped by VoIP
server. Always signaling packets will get high priority over
data packets.
3.2 Verification using LVD System
The aim of the LVD is to determine if the biometric data
is being captured whether it’s from a legitimate live user
or it is replayed or synthetic. It is verified by correlating
the user’s voice with lip-face motion. The Whole LVD is
divided into seven steps. The whole process of verifica-
tion is divided into two stages. The flow diagram of LVD
is shown in Figure 5. There are two types of videos passed
to LVD system for verification. 1) Extracted watermarked
video2) RTP message along with the video.
3.2.1 Seven Steps of LVD
Step 1: Image and Voice Acquisition: Video and Voice
are captured by web cam and microphone respec-
tively.
Step 2: Image and Speech Enhancement: The captured
information goes for reduction of noise, and this
can be achieved by smoothing and sharpening the
audio- visual data.
16
37. Figure 2. VoIP cloud architecture.
Figure 3. Proposed VoIP cloud architecture.
Figure 4. Video watermarking scheme for signaling message.
Figure 4. Video watermarking scheme for signaling
message.
17
Figure 5. Flow diagram of liveness voice detection technique.
Figure 6. Proposed N-IPS architecture.
Figure 5. Flow diagram of liveness voice detection
technique.
16
Figure 2. VoIP cloud architecture.
38. Figure 3. Proposed VoIP cloud architecture.
Figure 4. Video watermarking scheme for signaling message.
Figure 3. Proposed VoIP cloud architecture.
Ashutosh Satapathy and L. M. Jenila Livingston
Indian Journal of Science and Technology 11Vol 9 (6) |
February 2016 | www.indjst.org
Step 3: Face and Voice Identification: Real time faces
detection and speech detection can be done by
motion analysis. Two level audio- visual fusion
techniques can be used for effective face and voice
identification by localization of multiple active
speakers45. First level is based on speaker activity
detection used to find out who are the live speak-
ers and second level uses Gaussian method for
integration of audio-visual modalities results to
increase robustness.
Step 4: Facial Verification and Speaker Recognition: In Face
verification and speaker recognition process, user
authenticity is checked. If NO, the call is termi-
nated. If yes, it will go for next level verification.
Step 5: Features Extraction: From lip movement, the
motion based features will be extracted (Phase 1).
From speech, the corresponding speech features
39. will be extracted (Phase 2). Extracted features at
both phases must be language and text indepen-
dent. Lip movement involves the following two
elements. Fastness: frequency is the prime factor
calculated from lip motion. Loudness: Power is the
prime factor calculated from area covered by lips
(distance between top and bottom lip).
Step 6: Liveness Voice Detection: Features from phase 1 is
correlated with features from phase 2. If it falls within
fixed threshold values range, it is Ok, the connection
will be continued else it will be terminated. In LVD,
liveness score evolution algorithm can be used to
measure the synchrony between the lip movement
and voice in video sequence46. Multimodal sys-
tem based on cross modal fusion technique can be
also used for liveness detection47. Audio and visual
speech features are extracted from video sequence
to measure the degree of synchrony between the lip
movement and voice in video sequence.
3.3 IPS Deployment
As VoIP communication handles real time data, IPS
deployment is also an important factor to make the service
more effective and efficient. In pass-by monitoring con-
figuration, a copy of the traffic is sent to the IPS while the
original packet travels to one Public Network to another
public network as shown in Figure 6. If the IPS identifies
an anomaly with the packet, the IDS/IPS can either log/
record the activity or prevent the attack from being suc-
cessful. As an effective IPS, false positive/ negative should
have minimized with maximum efficiency.
4. Conclusion
The flexible and reliable communication is reached by
sending the voice over the internet by using new gen-
40. eration VoIP services. This research paper summarizes
security threats related to VoIP cloud. Due to VoIP
vulnerabilities including eavesdropping, DoS, D-DoS,
MITM attack, it is necessary to protect signaling and real
time information. A security framework for VoIP cloud
is proposed which uses the concept of LVD to provide
resistance against threats. The use of pass-by IPS makes
this proposed framework has no effect on quality of VoIP
calls as the copy of the original packets are forwarded to
IPS and analyzed. At last, further research has to be per-
formed to raise the level of security due to randomness of
occurrence of cyber-attacks.
5. References
1. Hartpence B. Introduction to voice over the internet
protocol. Packet Guide to Voice over IP. Oram A, Gulick M,
editors. O’Reilly: Sebastopol, CA; 2013.
2. Devi GU, Kaushik KV, Sreeveer B, Prasad KS. VoIP over
Mobile Wi-Fi hotspot. Indian Journal of Science and
Technology. 2015 Jan; 8(S2):195–9. DOI: 10.17485/
ijst/2015/v8iS2/58751.
3. Patinge SA, Soni PD. Metamorphosis in VoIP cloud com-
puting services used in VoIP. International Journal of
Application Innovation in Engineering Management. 2013;
2(2):236–9.
4. Mahmood Z. Cloud computing: characteristics and deploy-
ment approaches. 11th IEEE International Conference
Computer and Information Technology (CIT); Pafos:
Cyprus; 2011. p. 121–6.
5. Shyamala K, Rani TS. An analysis on efficient resource
allocation mechanisms in cloud computing. Indian Journal
41. Figure 6. Proposed N-IPS architecture.
17
Figure 5. Flow diagram of liveness voice detection technique.
Figure 6. Proposed N-IPS architecture.
A Comprehensive Survey of Security Issues and Defense
Framework for VoIP Cloud
Indian Journal of Science and Technology12 Vol 9 (6) |
February 2016 | www.indjst.org
of Science and Technology. 2015 May; 8(9):814–21. DOI:
10.17485/ijst/2015/v8i9/50180.
6. Kim D. A survey of balloon networking applications
and technologies. Available from: http://www.cse.wustl.
edu/~jain/cse570-13/ftp/balloon/index.html. [Cited 2014
Aug].
7. Butcher D, Li X, Guo J. Security challenge and defense
in VoIP infrastructures. IEEE Transactions on Systems
Man and Cybernetics Part C: Applications Reviews. 2007;
37(6):1152–62.
42. 8. Graves K. Certified ethical hacker study guide, 4th ed.
Wiley: Danvers, MA; 2010.
9. Sawada H, Higashimoto T. A mechanical voice system
and its adaptive learning for the mimicry of human vocal-
ization. Proceedings IEEE International Symposium on
Computational Intelligence Robotics and Automation;
Cobe, Japan; 2003. p. 1040–45.
10. Hatkar AA, Varade GA, Hatkar AP. Media access control
spoofing techniques and counter measures. International
Journal Scientific & Engineering Research. 2012; 2(6):1–5 .
11. Nam SY, Kim D, Kim J. Enhanced ARP: preventing ARP
poisoning-based Man-in-the-Middle Attacks. IEEE
Communications Letters. 2010; 14(2):187–9.
12. Ma Y. An effective method for defense against IP spoof-
ing attack. IEEE 6th International Conference on Wireless
Communications Networking and Mobile Computing
(WiCOM); Chengdu: China; 2010. p. 1–4.
13. Barbhuiya FA, Roopa S, Ratti R, Biswas S, Nandi S. An
active
detection mechanism for detecting ICMP based attacks.
IEEE 11th International Conference on Trust, Security and
Privacy in Computing and Communications; Liverpool:
England; 2012. p. 51–58.
14. Haris SHC, Ahmad RB, Ghani MAHA, Wal GM. TCP SYN
flood detection based on payload analysis. Proceedings
IEEE Student Conference on Research and Development
(SCOReD); Putrajaya: Malasia; 2010. p. 149–53.
15. Bardas AG, Zomlot L, Sundaramurthy SC. Classification of
43. UDP traffic for DDoS detection. USENIX 5th International
Workshop on Large-Scale Exploits and Emergent Threats
(LEET); San Jose: CA; 2012. p. 1–8.
16. Ali FHM, Yunos R, Alias MAM. Simple port knocking
method against TCP replay attack and port scanning. IEEE
International Conference on Cyber Security. Cyber Warfare
and Digital Forensic (CyberSec); Kuala Lumpur: Malasia;
2012. p. 247–52.
17. Stalling W. Transport-level security. Cryptography and
Network Security. Horton M, editor, 5th ed., Pearson:
Upper Saddle River, NJ; 2011. p. 485–20.
18. Geneiatakis D, Kambourakis G, Lambrinoudakis C,
Dagiuklas T, Gritzalis S. A frame for protecting a SIP-based
infrastructure against malformed message attacks.
Computer Network. 2007; 51(10):2580–93.
19. Zhang G, Pallares JJ, Rebahi Y, Fischer-Hubner S. SIP
proxies: New reflectors in the internet. Communications
Multimedia Security; Springer : Verlag Heidelberg; 2010.
20. SuM Y, Tsai CH. An approach to resisting malformed and
flooding attacks on SIP servers. Journal of Networks. 2015;
10(2):77–84.
21. Hartpence B. The real-time transport protocol and the
real-time control protocol. Packet Guide to Voice over IP,
Oram A, Gulik M, editors, 1st ed.; O’Reilly: Sebastopol, CA;
2013.
22. Fu D, Shi F. Buffer overflow exploit and defensive tech-
niques. IEEE International Conference on Multimedia
Information Networking and Security (MINES); Nanjing,
44. China; 2012. p. 87–90.
23. Ransome JF, Rittinghouse JR. VoIP security risks. VoIP
Security, Casey E, editor; Elsevier: Burlington, MA; 2005.
24. Hardening the operating system. Available from: http://cdn.
ttgtmedia.com/searchEnterpriseLinux/downloads/466_
HTC_Linux_02.pdf. [Citied 2014 Oct].
25. Filiol E. Taxonomy, techniques and tools. Computer
Viruses: From Theory to Applications, 1st ed.; Springer:
Verlag, France; 2004.
26. Shar LK, Tan HBK. Defeating SQL injection. IEEE
Computer:
Gender Diversity in Computing. 2013; 46(3):69–77.
27. Natan RB. Application security. Implementing Database
Security and Auditing; Elsevier: Burlington, MA; 2005.
28. Mohamed NN, Mashim H, Yussoff YM. Compression
and encryption technique on securing TFTP packet.
IEEE Symposium on Computer Application Industrial
Electronics (ISCAIE); Penang, Malaysia; 2014. p. 198–202.
29. Dinu DD, Togan M. DHCP server authentication using
digital certificates. Proceedings IEEE 10th International
Conference Communications (COMM); Bucharest,
Romania; 2014. p. 1–6.
30. Keromytis AD. A comprehensive survey of Voice over
IP security research. IEEE Communications Surveys &
Tutorials. 2012; 14(2):514–37.
31. Graves K. Physical site security. Certified Ethical Hacker
Study Guide, Parsons K, Carson C, 4th ed.; Wiley: Danvers,
45. MA; 2010.
32. Yang M, WangY, Ding H. Design of WinPcap based
ARP spoofing defense system. IEEE 4th International
Conference on Instrumentation Measurement Computer,
Communication Control (IMCCC); Harbin, Heilongjiang;
2014. p. 221–5.
33. Kaczmarek J, Wrobel MR. Operating system security by
integrity checking and recovery using write-protected
storage. IET Information Security. 2014; 8(2):122–31.
Ashutosh Satapathy and L. M. Jenila Livingston
Indian Journal of Science and Technology 13Vol 9 (6) |
February 2016 | www.indjst.org
34. IEEE 802.1X port-based authentication, CISCO. Available
from: http://www.cisco.com/c/en/us/td/docs/switches/lan/
catalyst6500/ios/122SX/configuration/guide/book/dot1x.
html#wp1133592. [Cited 2015 Jan].
35. deGraaf R, Aycock J, Jacobson M. Improved port knocking
with strong authentication. Proceeding. IEEE 21st Annual
Computer Security Applications Conference (ACSAC);
Tucson, Arizona; 2005. p. 453–62.
36. Sehgal PK, Nath R. An encryption based dynamic and
secure
routing protocol for mobile Ad-hoc network. International
Journal of Computer Science Security. 2009; 3(1):16–22.
37. Chacon S, Benhaddou D, Gurkan D. Secure Voice over
Internet Protocol (VoIP) using Virtual Private Networks
46. (VPN) and Internet Protocol Security (IPSec). IEEE Region
5 Tech. Professional and Student Conference (TPSC); San
Antonio: TX; 2006. p. 218–22.
38. Danforth A, Gould K. Method to block unauthorized access
to TFTP server configuration files, U.S. Patent 7293282 B2,
2007.
39. Kilinc HH, Yanik T. A survey of SIP authentication and key
agreement schemes. IEEE Communications Survey and
Tutorials. 2014;16(2):1005–23.
40. Anderson R. Cryptography. Security Engineering: A Guide
to Building Dependable Distributed Systems, Long C, 2nd
ed., Wiley: Indianapolis, IN; 2008. p. 73–14.
41. Stalling W. Key management and distribution. Cryptography
and Network Security. Horton M, 5th ed., Pearson: Upper
Saddle River, NJ; 2011. p. 410–43.
42. Liao HJ, Lin CHR, Lin YC, Tung KY. Intrusion detection
system: A comprehensive review. Journal of Network and
Computer Applications. 2013; 36(1):16–24.
43. Audiopedia. Honeypot (computing). Available from:
https://www.youtube.com/watch?v=2fXAw33jOBk. [Cited
2014 Dec].
44. Goel R, Sardana A, Joshi RC. Wireless honeypot: frame-
work, architectures and tools. International Journal of
Network Security. 2013; 15(5):373–83.
45. Li Z, Grochulla M, Thormahlen T. Multiple active speaker
localization based on audio-visual fusion in two stages.
Proceedings IEEE International Conference on Multisensor
Fusion Integration Intelligence Systems (MFI); Hamburg:
47. Germany; 2012. p. 262–68.
46. Zhu ZY, He QH, Feng XH, Xiongli Y, Wang ZF. Liveness
detection using time drift between lip movement and voice.
Proceedings IEEE International Conference on Machine
Learning Cybernetics (ICMLC); Tianjin: China; 2013.
p. 973–78.
47. Chetty G. Biometric liveness detection based on cross modal
fusion. IEEE 12th International Conference on Information
Fusion (FUSION). Seattle: WA; 2009. p. 2255–62.
Reading and summarizing a research article:
Authors’ last names (year) conducted a study about
________________________. The participants were/the setting
was ___________________________. (New paragraph) The
findings were _____________________________. Discussion.
(Possibly a new paragraph) The authors suggested
_____________________. Discussion.
Students should fill in the blanks with their own words. To copy
directly from the article fails to show comprehension and
considered plagiarism.
To “fill in the blanks”, a student should read the journal article
and pay specific attention to:
Sentence #1- Authors’ last names (year) conducted a study
about _________________.
· Read the Abstract; this will give an overview of the study’s
(article’s) purpose.
· Read the entire article without trying to summarize it.
· Go back and read the Literature Review or Background section
of the article. Toward the end of the section, the authors should
identify gaps in the existing literature and tell the reader how
the current study will fill that gap. The authors will also state
48. their hypothesis (purpose) at the end of this section.
·
Section #2 - The participants were/the setting was
___________________________.
· Read the Methods section of the paper. In this section, the
authors will describe how the data was collected, who was
included in the sample, and any instruments used.
· A reader might want to consider sample size, demographic
characteristics, or any interesting protocol.
· It is not necessary to report every fact (i.e., 35% of the
participants were male, 71%)
Section #3 - The findings were
_____________________________.
· Read the Findings section of the article.
· Some statistics may be confusing. Pay attention to key words
such as “increased”, “decreased”, “improved”, and “reduced”.
· “No change” may also be considered a significant finding.
· Next, read the Discussion section. The authors will present the
findings in general terms. Section #4 - The authors suggested
_____________________.
· Read the Discussion section and look for comments that the
authors made about the intervention or program such as “Did it
work?” or “Should it be continued?”.
· Look for the author’s critique of why the study did or did not
produce results. Did anything unexpected influence the
findings?
· The author may suggest a future line of research or “next
steps” to improve the body of knowledge.
Additional Considerations:
· A literature review is a summary of what research has been
completed in a topic area; it should be summarized in your own
words.
· Read the entire article first and then go back and take notes.
49. Jot down notes in your own words. This increases
comprehension as well as decreases the likelihood of
plagiarism.
· The review is written in third person; no “I” or “you”.
· Not every detail or fact needs to be reported. A reader will
obtain a copy of the article if more information is needed.
· Write the literature review in the past tense; the research has
already been completed.
· The article cannot “do”, “find”, or “say” anything. The authors
are the people who conducted the study.
· The above format is a guideline. It may be necessary to change
the verbs or to expand an idea.