The invention of Voice over Internet Protocol (VoIP) in communication technology created significant attractive services for its users, it also brings new security threats. Criminals exploit these security threats to perform illegal activities such as VoIP malicious attacks, this will require digital forensic investigators to detect and provide digital evidence. Finding digital evidence in VoIP malicious attacks is the most difficult task, due to its associated features with converged network. In this paper, a Model of investigating VoIP malicious attacks is proposed for forensic analysis. VoIP spoofing is being a common and most important threat to the VoIP users. It is technically possible for an attacker to masquerade as another VoIP caller (VoIP spoofing). A design of a SIP which will try to capture all of the data on a VoIP network and process it for forensic analysis with also detection of the spoofing or the fake caller address.
Askozia VoIP Security white paper - 2017, EnglishAskozia
Voice-over-IP (VoIP) provides many new features over PSTN. However, the interconnection with your IT infrastructure also carries risks affecting the security and integrity of your IP services. As IT networks are targeted by attackers, insufficient prevention can endanger not only your network but your telecommunication infrastructure that is build on top of it. This paper aims to educate about possible risks, common attacks and how to prevent them from being successful.
1) VoIP conversations are vulnerable to eavesdropping attacks where an attacker can detect phrases in a conversation without hearing the actual audio. Phrase spotting techniques allow this by analyzing encoded voice data.
2) To defend against eavesdropping, the authors propose padding packets to a fixed length and applying encryption. Low bit rate sections of audio are padded and noise is added before encryption.
3) At the receiver, noise is removed after decryption to reconstruct the original audio. Simulation results show this technique reduces errors compared to no defense. Implementing stronger encryption algorithms could further improve security.
This document presents a technique for tracking anonymous peer-to-peer VoIP calls on the Internet. The technique embeds a unique watermark into the timing of encrypted VoIP flows by slightly adjusting the timing of selected packets. This makes the timing characteristics of VoIP flows distinctive enough to identify correlations across anonymizing networks. The technique is evaluated using the Skype peer-to-peer VoIP client and the anonymous VPN service from findnot.com. Results show the technique can feasibly track anonymous calls and low latency anonymizing systems are susceptible to timing attacks.
This document outlines 6 steps to secure SIP trunking and your network: 1) Update all software regularly to patch vulnerabilities, 2) Create complex, regularly changed passwords for all accounts, 3) Authenticate accounts based on IP address using whitelists and blacklists, 4) Only permit trusted SIP providers via firewall rules, 5) Understand how your provider handles signaling and media transmission and choose the most secure options, and 6) Establish secure connections like SSL for any remote access to your network. Taking these steps will reinforce network security and prevent fraudsters from accessing sensitive data and accounts.
As presented at ITExpo 2017 and the April Peerlyst Tel-Aviv security Meetup.
Can your company afford to ignore VoIP security? With the number of attacks on your telephone services and mobile devices your chance of being attacked and financial liability is at an all time high. This session offers an introductory primer to securing your VoIP PBX. This talk will include explanations about common attacks, how they can find you, and common techniques you can use to defend your company.
Nowadays it is very common to hear from people that internet network is the largest engineering system,
and something that we cannot imagine life without.
The document discusses vulnerabilities and attacks against Voice over IP (VoIP) systems. It begins with an introduction to VoIP architecture, components, and protocols. It then covers vulnerabilities and common attack vectors against VoIP, such as identity spoofing, eavesdropping, password cracking, and denial of service attacks. The document demonstrates some example attacks and outlines tools that can be used for scanning, attacking, and testing the security of VoIP systems. It concludes with recommendations for countermeasures like firewalls, encryption, and network hardening to better secure VoIP infrastructures.
Askozia VoIP Security white paper - 2017, EnglishAskozia
Voice-over-IP (VoIP) provides many new features over PSTN. However, the interconnection with your IT infrastructure also carries risks affecting the security and integrity of your IP services. As IT networks are targeted by attackers, insufficient prevention can endanger not only your network but your telecommunication infrastructure that is build on top of it. This paper aims to educate about possible risks, common attacks and how to prevent them from being successful.
1) VoIP conversations are vulnerable to eavesdropping attacks where an attacker can detect phrases in a conversation without hearing the actual audio. Phrase spotting techniques allow this by analyzing encoded voice data.
2) To defend against eavesdropping, the authors propose padding packets to a fixed length and applying encryption. Low bit rate sections of audio are padded and noise is added before encryption.
3) At the receiver, noise is removed after decryption to reconstruct the original audio. Simulation results show this technique reduces errors compared to no defense. Implementing stronger encryption algorithms could further improve security.
This document presents a technique for tracking anonymous peer-to-peer VoIP calls on the Internet. The technique embeds a unique watermark into the timing of encrypted VoIP flows by slightly adjusting the timing of selected packets. This makes the timing characteristics of VoIP flows distinctive enough to identify correlations across anonymizing networks. The technique is evaluated using the Skype peer-to-peer VoIP client and the anonymous VPN service from findnot.com. Results show the technique can feasibly track anonymous calls and low latency anonymizing systems are susceptible to timing attacks.
This document outlines 6 steps to secure SIP trunking and your network: 1) Update all software regularly to patch vulnerabilities, 2) Create complex, regularly changed passwords for all accounts, 3) Authenticate accounts based on IP address using whitelists and blacklists, 4) Only permit trusted SIP providers via firewall rules, 5) Understand how your provider handles signaling and media transmission and choose the most secure options, and 6) Establish secure connections like SSL for any remote access to your network. Taking these steps will reinforce network security and prevent fraudsters from accessing sensitive data and accounts.
As presented at ITExpo 2017 and the April Peerlyst Tel-Aviv security Meetup.
Can your company afford to ignore VoIP security? With the number of attacks on your telephone services and mobile devices your chance of being attacked and financial liability is at an all time high. This session offers an introductory primer to securing your VoIP PBX. This talk will include explanations about common attacks, how they can find you, and common techniques you can use to defend your company.
Nowadays it is very common to hear from people that internet network is the largest engineering system,
and something that we cannot imagine life without.
The document discusses vulnerabilities and attacks against Voice over IP (VoIP) systems. It begins with an introduction to VoIP architecture, components, and protocols. It then covers vulnerabilities and common attack vectors against VoIP, such as identity spoofing, eavesdropping, password cracking, and denial of service attacks. The document demonstrates some example attacks and outlines tools that can be used for scanning, attacking, and testing the security of VoIP systems. It concludes with recommendations for countermeasures like firewalls, encryption, and network hardening to better secure VoIP infrastructures.
GENBAND has implemented a multi-layer security architecture and threat mitigation solution using session border controllers to protect VoIP networks from security vulnerabilities like denial of service attacks, theft of service, and others. The solution uses deep packet inspection, access control, topology hiding, and other methods at the network, session, and application layers to detect and prevent a wide range of threats. It can process traffic at wire speeds even during attacks to minimize disruption.
Hacking and Attacking VoIP Systems - What You Need To KnowDan York
Presentation by Dan York at AstriCon 2007 about how to secure VoIP systems with a focus on the Asterisk open source PBX. The presentation outlines the issues involved with VoIP security, the tools out there to attack/test VoIP systems, best practices to defend against attacks and ends with some specific security recommendations for Asterisk. Audio will soon be available at http://www.blueboxpodcast.com/ (and will be synced to this presentation).
This document summarizes a presentation on hacking VoIP systems. It begins with introductions of the presenters and an overview of VoIP security risks. The agenda is then outlined, covering footprinting, scanning, and enumerating VoIP systems to obtain information. Techniques for exploiting the underlying network through man-in-the-middle attacks and eavesdropping are discussed. Finally, exploiting VoIP applications through fuzzing, denial of service, and signaling manipulation will be covered.
This is my Athcon 2013 slide set. I also demonstrated that attacking mobile applications via SIP Trust, scanning via SIP proxies and MITM fuzzing in Live Demo.
The document discusses network scanning, which involves identifying live hosts, open ports, services, and vulnerabilities on a network. It describes how the Sality botnet was able to scan the entire IPv4 address space in a stealthy manner using "reverse-byte order scanning." Researchers observed this technique being used to map out vulnerable voice-over-IP servers while evading detection. The document also provides an overview of network scanning objectives and techniques.
The Art of VoIP Hacking - Defcon 23 WorkshopFatih Ozavci
VoIP attacks have evolved, and they are targeting Unified Communications (UC), commercial services, hosted environment and call centres using major vendor and protocol vulnerabilities. This workshop is designed to demonstrate these cutting edge VoIP attacks, and improve the VoIP skills of the incident response teams, penetration testers and network engineers. Signalling protocols are the centre of UC environments, but also susceptible to IP spoofing, trust issues, call spoofing, authentication bypass and invalid signalling flows. They can be hacked with legacy techniques, but a set of new attacks will be demonstrated in this workshop. This workshop includes basic attack types for UC infrastructure, advanced attacks to the SIP and Skinny protocol weaknesses, network infrastructure attacks, value added services analysis, Cdr/Log/Billing analysis and Viproy use to analyse signalling services using novel techniques. Also the well-known attacks to the network infrastructure will be combined with the current VoIP vulnerabilities to test the target workshop network. Attacking VoIP services requires limited knowledge today with the Viproy Penetration Testing Kit (written by Fatih). It has a dozen modules to test trust hacking issues, information collected from SIP and Skinny services, gaining unauthorised access, call redirection, call spoofing, brute-forcing VoIP accounts, Cisco CUCDM exploitation and debugging services using as MITM. Furthermore, Viproy provides these attack modules in the Metasploit Framework environment with full integration. The workshop contains live demonstration of practical VoIP attacks and usage of the Viproy modules.
In this hands-on workshop, attendees will learn about basic attack types for UC infrastructure, advanced attacks to the SIP protocol weaknesses, Cisco Skinny protocol hacking, hacking Cisco CUCDM and CUCM servers, network infrastructure attacks, value added services analysis, Cdr/Log/Billing analysis and Viproy VoIP pen-test kit to analyse VoIP services using novel techniques. New CDP, CUCDM and Cisco Skinny modules and techniques of Viproy will be demonstrated in the workshop as well.
Internet Relay Chat, or IRC, is a protocol that allows users that connect to Internet Relay Chat Servers to have conversation with others in real time. Users connect to IRC Servers using an IRC Client. Commercial chat client’s like yahoo! and google chat are quite popular in wide use. To other chat clients were worth exploring. These tools are arguably better suited for criminal activity. IRC is one such tool. There are basically two options available to investigators involved in an IRC occurrence. They can look at log files on servers or clients or they can monitor transmission directly. In this paper we have been using X Chat application for the IRC Forensic Investigation. We capture the IRC Client’s packets and analyze that packets.
This document discusses security vulnerabilities in hosted VoIP environments. It summarizes techniques for attacking Cisco phones and VoIP infrastructure, including spoofing caller ID, manipulating SIP trust relationships, and escalating privileges on Cisco Unified Communications Manager and VOSS Domain Manager services. The document outlines methods for gaining persistent access to networks and manipulating call forwarding, speed dials and other phone settings.
Hacking Trust Relationships Between SIP GatewaysFatih Ozavci
This document describes how to hack the trust relationships between SIP proxies by spoofing SIP INVITE requests. It involves sending IP spoofed INVITEs from a trusted operator's network to detect the IP address and port of another operator's SIP trunk, which accepts calls without authentication. A template INVITE is prepared and looped through possible IP/port combinations. If a call is received, the spoofed SIP trunk details have been discovered and can be used to initiate fake calls.
This document discusses vulnerabilities in voice over IP (VoIP) and unified communications systems. It begins by introducing the speaker and their background in VoIP security. It then outlines various attack vectors such as exploiting vulnerabilities in signaling protocols, message content, and unified messaging features to inject malicious content or execute code. The document emphasizes that securing UC involves more than just securing VoIP, and recommends approaches like secure infrastructure design, authentication, and client protection to help secure these systems.
This document discusses penetration testing of VoIP networks using the Viproy VoIP penetration testing kit. It begins with an introduction of the author and his background in VoIP security. It then demonstrates the Viproy kit in action and discusses basic attacks against SIP services like discovery, footprinting, and spoofing calls. It also covers more advanced attacks like the SIP proxy bounce attack, creating fake services to perform man-in-the-middle attacks, distributed denial of service attacks, and exploiting trust relationships between SIP gateways. The document concludes by discussing fuzzing SIP services and clients to find vulnerabilities.
A survey of 500 IT security specialists found that roughly 40% believe they could hold their employer's network hostage by withholding encryption keys after leaving the company. Additionally, one third were confident they could bring a company to a halt with little effort using their knowledge of encryption keys and certificates. The study highlighted the need for companies to properly manage and monitor who has access to encryption keys to avoid security breaches.
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)Fatih Ozavci
Enterprise companies are increasingly using Microsoft Lync 2010/2013 (a.k.a Skype for Business 2015) services as call centre, internal communication, cloud communication and video conference platform. These services are based on the VoIP and instant messaging protocols, and support multiple client types such as Microsoft Office 365, Microsoft Lync, Skype for Business, IP phones and teleconference devices. Also the official clients are available for mobile devices (e.g. Windows phone, Android and iOS), desktops (Mac, Linux and Windows) and web applications developed with .NET framework. Although the Microsoft Lync platform has been developed along with the new technologies, it still suffers from old VoIP, teleconference and platform issues.
Modern VoIP attacks can be used to attack Microsoft Lync environments to obtain unauthorised access to the infrastructure. Open MS Lync frontend and edge servers, insecure federation security design, lack of encryption, insufficient defence for VoIP attacks and insecure compatibility options may allow attackers to hijack enterprise communications. The enterprise users and employees are also the next generation targets for these attackers. They can attack client soft phones and handsets using the broken communication, invalid protocol options and malicious messaging content to compromise sensitive business assets. These attacks may lead to privacy violations, legal issues, call/toll fraud and intelligence collection.
Attack vectors and practical threats against the Microsoft Lync ecosystem will be presented with newly published vulnerabilities and Microsoft Lync testing modules of the Viproy VoIP kit developed by the speaker. This will be accompanied by live demonstrations against a test environment.
• A brief introduction to Microsoft Lync ecosystem
• Security requirements, design vulnerabilities and priorities
• Modern threats against commercial Microsoft Lync services
• Demonstration of new attack vectors against target test platform
This document summarizes research on integrating encryption modules into the Sipdroid VoIP client. The research (1) developed encryption schemes using AES, DES, and RC4 and integrated them into Sipdroid, (2) created a test bed VoIP network to measure Sipdroid's performance with encryption, and (3) tested encryption's effects on quality of service metrics like packet loss, delay, and throughput. The results showed the encryption module worked well and increased delays slightly but did not significantly affect packet loss or throughput. Encrypted communications also could not be decoded when captured.
Performance Analysis between H.323 and SIP over VoIPijtsrd
There are a number of protocols that may be employed in order to provide the Voice over IP VoIP communication services. In VoIP system, H.323 and Session Initiation Protocol SIP are the two major standards. Both of these signaling protocols provide mechanisms for multimedia teleconferencing services. Although the two protocols architecture is quite similar, they have many differences. This system presents Voice Video over IP communication and summarizes the differences and performance of two major VoIP protocols, H.323 and SIP according to the packet delay variation, jitter, packet loss, and Packet end to end delay. It is found that both of them are non interoperable, approaching each other, their focus and applicability is still different. In this paper, the system is designed and configured by Graphical Network Simulator GNS3 and analyzed performance by Opnet Modeler Simulation. Thet Zaw Aye "Performance Analysis between H.323 and SIP over VoIP" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26647.pdfPaper URL: https://www.ijtsrd.com/engineering/computer-engineering/26647/performance-analysis-between-h323-and-sip-over-voip/thet-zaw-aye
Departed Communications: Learn the ways to smash them!Fatih Ozavci
Unified Communications (UC) is widely used by larger organisations for video conferences, office collaboration, cloud services and mobile communications. These services also have key roles in the IP Multimedia Subsystem (IMS) implementations of next generation mobile networks. As a result of these, customers require unified collaboration; and the telecommunications industry offers managed communications services and infrastructure using UC and IMS technologies. These offerings also come with design issues, well-known security vulnerabilities and legacy services.
Security testing of communication networks, however, is underestimated, and mostly under-scoped. Due to the lack of time and resources, the results of the security tests are only providing a security illusion. On the other hand, the advanced VoIP and UC attacks can be much faster and efficient with a proper methodology used. Therefore, this talk aims to improve the testing skills of the assurance teams for better penetration testing results. The theme of the talk is on transferring the VoIP and UC knowledge from a phreak to penetration testers. This will be performed through practical attack demonstrations, testing tips and automated actions.
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceFatih Ozavci
Enterprise companies are using consumer and IoT devices to complete (or expand) their services such as broadband, IPTV, media streaming, satellite, voice and 3G/4G services. Although the devices are owned by the service providers, subscribers have limited (or full) access to them with service agreements. In addition to that, some of consumer devices also have roles on corporate communications, environment security or employee services. Consumer devices are located at subscriber premises; therefore, the traditional security testing approach only covers backend services security, not the devices.
Consumer and IoT devices are susceptible to hardware hacking based attacks such as firmware dumping, re-flashing with a custom firmware, and getting low level access using the physical management interfaces such as SPI, JTAG and UART. Low level access obtained can be used to modify device behaviours or their initial states. This helps attackers to debug consumer devices and operator services, to find new vulnerabilities, and to obtain the device configuration which may contain credentials for the service infrastructure.
Embedded device and hardware hacking is a rising skill set for penetration testers. It is required to understand targeted attacks which may include hardware implants, modified hardware attacking their own infrastructure or compromised devices that target the human factor. Some of advanced testing examples to be discussed are preparing a custom hardware for persistent access during a red teaming exercise, preparing a compromised consumer device for human factor pen-testing, attacking TR-069 services of a provider using smart home modems or altering the security controls of a device to abuse the service.
The presentation focuses on how the existing security testing techniques should be evolved with hardware and IoT hacking, and how service providers can make their infrastructure secure for cutting-edge attacks. Essential hardware hacking information, identifying and using physical management interfaces, hardware hacking toolset, well-known hardware attacks and hardware testing procedure will be presented in a road map for consumer devices security testing. Also a security testing approach will be explained to develop new security testing services and to improve existing ones such as red teaming, human factor pen-testing and infrastructure pen-testing.
SIP trunking: Weapon of mass communicationFlowroute
SIP trunking allows organizations to connect their phone systems to the PSTN over an IP connection instead of using traditional TDM trunks. This provides significant cost savings and flexibility. SIP trunking facilitates mobility by enabling voice calls over data connections. It also expands connectivity options by integrating with technologies like WebRTC. Choosing a SIP trunking provider requires considering factors like audio quality, support, online account tools, and standards compliance to ensure interoperability with existing systems and future technologies.
This document discusses VoIP (Voice over Internet Protocol) technology, including its challenges and applications. It covers topics like reliability issues, quality of service, fax transmission, emergency call handling, security concerns, case studies, and the VoIP market. Solutions proposed include improving network infrastructure, prioritizing emergency calls, encrypting VoIP traffic, and segmenting voice and data networks. The VoIP market is projected to grow significantly due to lower costs and the emergence of new communication services.
2FYSH: two-factor authentication you should have for password replacementTELKOMNIKA JOURNAL
Password has been the most used authentication system these days. However, strong passwords are hard to remember and unique to every account. Unfortunately, even with the strongest passwords, password authentication system can still be breached by some kind of attacks. 2FYSH is two tokens-based authentication protocol designed to replace the password authentication entirely. The two tokens are a mobile phone and an NFC card. By utilizing mobile phones as one of the tokens, 2FYSH is offering third layer of security for users that lock their phone with some kind of security. 2FYSH is secure since it uses public and private key along with challenge-response protocol. 2FYSH protects the user from usual password attacks such as man-in-the-middle attack, phishing, eavesdropping, brute forcing, shoulder surfing, key logging, and verifier leaking. The secure design of 2FYSH has made 90% of the usability test participants to prefer 2FYSH for securing their sensitive information. This fact makes 2FYSH best applied to secure sensitive data needs such as bank accounts and corporate secrets.
The document discusses techniques for detecting denial-of-service (DoS) attacks in Session Initiation Protocol (SIP)-based Voice over IP (VoIP) networks. It reviews several proposed detection mechanisms, including statistical detection using Hellinger's distance, a double-layered architecture using traffic scanning, and a distributed filtering mechanism. It also summarizes a mitigation mechanism that analyzes SIP messages and calls and a technique using entropy analysis to identify attacks. Overall, the document surveys different existing approaches for detecting DoS attacks that aim to disrupt availability in SIP-based VoIP networks.
This document discusses security issues related to Voice over Internet Protocol (VoIP). It begins by explaining what VoIP is and some of its early implementations. It then describes the basic protocols and protocol stacks used for VoIP signaling and sessions, including H.323, SIP, and RTP. The document outlines various roles in VoIP systems, such as administrators and operators. It identifies common attacks against VoIP networks like theft of service, man-in-the-middle attacks, IP spoofing, and denial-of-service attacks. It concludes that VoIP inherits security vulnerabilities from the Internet and that encryption, authentication, firewalls, and separating voice and data traffic are needed to secure VoIP networks.
GENBAND has implemented a multi-layer security architecture and threat mitigation solution using session border controllers to protect VoIP networks from security vulnerabilities like denial of service attacks, theft of service, and others. The solution uses deep packet inspection, access control, topology hiding, and other methods at the network, session, and application layers to detect and prevent a wide range of threats. It can process traffic at wire speeds even during attacks to minimize disruption.
Hacking and Attacking VoIP Systems - What You Need To KnowDan York
Presentation by Dan York at AstriCon 2007 about how to secure VoIP systems with a focus on the Asterisk open source PBX. The presentation outlines the issues involved with VoIP security, the tools out there to attack/test VoIP systems, best practices to defend against attacks and ends with some specific security recommendations for Asterisk. Audio will soon be available at http://www.blueboxpodcast.com/ (and will be synced to this presentation).
This document summarizes a presentation on hacking VoIP systems. It begins with introductions of the presenters and an overview of VoIP security risks. The agenda is then outlined, covering footprinting, scanning, and enumerating VoIP systems to obtain information. Techniques for exploiting the underlying network through man-in-the-middle attacks and eavesdropping are discussed. Finally, exploiting VoIP applications through fuzzing, denial of service, and signaling manipulation will be covered.
This is my Athcon 2013 slide set. I also demonstrated that attacking mobile applications via SIP Trust, scanning via SIP proxies and MITM fuzzing in Live Demo.
The document discusses network scanning, which involves identifying live hosts, open ports, services, and vulnerabilities on a network. It describes how the Sality botnet was able to scan the entire IPv4 address space in a stealthy manner using "reverse-byte order scanning." Researchers observed this technique being used to map out vulnerable voice-over-IP servers while evading detection. The document also provides an overview of network scanning objectives and techniques.
The Art of VoIP Hacking - Defcon 23 WorkshopFatih Ozavci
VoIP attacks have evolved, and they are targeting Unified Communications (UC), commercial services, hosted environment and call centres using major vendor and protocol vulnerabilities. This workshop is designed to demonstrate these cutting edge VoIP attacks, and improve the VoIP skills of the incident response teams, penetration testers and network engineers. Signalling protocols are the centre of UC environments, but also susceptible to IP spoofing, trust issues, call spoofing, authentication bypass and invalid signalling flows. They can be hacked with legacy techniques, but a set of new attacks will be demonstrated in this workshop. This workshop includes basic attack types for UC infrastructure, advanced attacks to the SIP and Skinny protocol weaknesses, network infrastructure attacks, value added services analysis, Cdr/Log/Billing analysis and Viproy use to analyse signalling services using novel techniques. Also the well-known attacks to the network infrastructure will be combined with the current VoIP vulnerabilities to test the target workshop network. Attacking VoIP services requires limited knowledge today with the Viproy Penetration Testing Kit (written by Fatih). It has a dozen modules to test trust hacking issues, information collected from SIP and Skinny services, gaining unauthorised access, call redirection, call spoofing, brute-forcing VoIP accounts, Cisco CUCDM exploitation and debugging services using as MITM. Furthermore, Viproy provides these attack modules in the Metasploit Framework environment with full integration. The workshop contains live demonstration of practical VoIP attacks and usage of the Viproy modules.
In this hands-on workshop, attendees will learn about basic attack types for UC infrastructure, advanced attacks to the SIP protocol weaknesses, Cisco Skinny protocol hacking, hacking Cisco CUCDM and CUCM servers, network infrastructure attacks, value added services analysis, Cdr/Log/Billing analysis and Viproy VoIP pen-test kit to analyse VoIP services using novel techniques. New CDP, CUCDM and Cisco Skinny modules and techniques of Viproy will be demonstrated in the workshop as well.
Internet Relay Chat, or IRC, is a protocol that allows users that connect to Internet Relay Chat Servers to have conversation with others in real time. Users connect to IRC Servers using an IRC Client. Commercial chat client’s like yahoo! and google chat are quite popular in wide use. To other chat clients were worth exploring. These tools are arguably better suited for criminal activity. IRC is one such tool. There are basically two options available to investigators involved in an IRC occurrence. They can look at log files on servers or clients or they can monitor transmission directly. In this paper we have been using X Chat application for the IRC Forensic Investigation. We capture the IRC Client’s packets and analyze that packets.
This document discusses security vulnerabilities in hosted VoIP environments. It summarizes techniques for attacking Cisco phones and VoIP infrastructure, including spoofing caller ID, manipulating SIP trust relationships, and escalating privileges on Cisco Unified Communications Manager and VOSS Domain Manager services. The document outlines methods for gaining persistent access to networks and manipulating call forwarding, speed dials and other phone settings.
Hacking Trust Relationships Between SIP GatewaysFatih Ozavci
This document describes how to hack the trust relationships between SIP proxies by spoofing SIP INVITE requests. It involves sending IP spoofed INVITEs from a trusted operator's network to detect the IP address and port of another operator's SIP trunk, which accepts calls without authentication. A template INVITE is prepared and looped through possible IP/port combinations. If a call is received, the spoofed SIP trunk details have been discovered and can be used to initiate fake calls.
This document discusses vulnerabilities in voice over IP (VoIP) and unified communications systems. It begins by introducing the speaker and their background in VoIP security. It then outlines various attack vectors such as exploiting vulnerabilities in signaling protocols, message content, and unified messaging features to inject malicious content or execute code. The document emphasizes that securing UC involves more than just securing VoIP, and recommends approaches like secure infrastructure design, authentication, and client protection to help secure these systems.
This document discusses penetration testing of VoIP networks using the Viproy VoIP penetration testing kit. It begins with an introduction of the author and his background in VoIP security. It then demonstrates the Viproy kit in action and discusses basic attacks against SIP services like discovery, footprinting, and spoofing calls. It also covers more advanced attacks like the SIP proxy bounce attack, creating fake services to perform man-in-the-middle attacks, distributed denial of service attacks, and exploiting trust relationships between SIP gateways. The document concludes by discussing fuzzing SIP services and clients to find vulnerabilities.
A survey of 500 IT security specialists found that roughly 40% believe they could hold their employer's network hostage by withholding encryption keys after leaving the company. Additionally, one third were confident they could bring a company to a halt with little effort using their knowledge of encryption keys and certificates. The study highlighted the need for companies to properly manage and monitor who has access to encryption keys to avoid security breaches.
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)Fatih Ozavci
Enterprise companies are increasingly using Microsoft Lync 2010/2013 (a.k.a Skype for Business 2015) services as call centre, internal communication, cloud communication and video conference platform. These services are based on the VoIP and instant messaging protocols, and support multiple client types such as Microsoft Office 365, Microsoft Lync, Skype for Business, IP phones and teleconference devices. Also the official clients are available for mobile devices (e.g. Windows phone, Android and iOS), desktops (Mac, Linux and Windows) and web applications developed with .NET framework. Although the Microsoft Lync platform has been developed along with the new technologies, it still suffers from old VoIP, teleconference and platform issues.
Modern VoIP attacks can be used to attack Microsoft Lync environments to obtain unauthorised access to the infrastructure. Open MS Lync frontend and edge servers, insecure federation security design, lack of encryption, insufficient defence for VoIP attacks and insecure compatibility options may allow attackers to hijack enterprise communications. The enterprise users and employees are also the next generation targets for these attackers. They can attack client soft phones and handsets using the broken communication, invalid protocol options and malicious messaging content to compromise sensitive business assets. These attacks may lead to privacy violations, legal issues, call/toll fraud and intelligence collection.
Attack vectors and practical threats against the Microsoft Lync ecosystem will be presented with newly published vulnerabilities and Microsoft Lync testing modules of the Viproy VoIP kit developed by the speaker. This will be accompanied by live demonstrations against a test environment.
• A brief introduction to Microsoft Lync ecosystem
• Security requirements, design vulnerabilities and priorities
• Modern threats against commercial Microsoft Lync services
• Demonstration of new attack vectors against target test platform
This document summarizes research on integrating encryption modules into the Sipdroid VoIP client. The research (1) developed encryption schemes using AES, DES, and RC4 and integrated them into Sipdroid, (2) created a test bed VoIP network to measure Sipdroid's performance with encryption, and (3) tested encryption's effects on quality of service metrics like packet loss, delay, and throughput. The results showed the encryption module worked well and increased delays slightly but did not significantly affect packet loss or throughput. Encrypted communications also could not be decoded when captured.
Performance Analysis between H.323 and SIP over VoIPijtsrd
There are a number of protocols that may be employed in order to provide the Voice over IP VoIP communication services. In VoIP system, H.323 and Session Initiation Protocol SIP are the two major standards. Both of these signaling protocols provide mechanisms for multimedia teleconferencing services. Although the two protocols architecture is quite similar, they have many differences. This system presents Voice Video over IP communication and summarizes the differences and performance of two major VoIP protocols, H.323 and SIP according to the packet delay variation, jitter, packet loss, and Packet end to end delay. It is found that both of them are non interoperable, approaching each other, their focus and applicability is still different. In this paper, the system is designed and configured by Graphical Network Simulator GNS3 and analyzed performance by Opnet Modeler Simulation. Thet Zaw Aye "Performance Analysis between H.323 and SIP over VoIP" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26647.pdfPaper URL: https://www.ijtsrd.com/engineering/computer-engineering/26647/performance-analysis-between-h323-and-sip-over-voip/thet-zaw-aye
Departed Communications: Learn the ways to smash them!Fatih Ozavci
Unified Communications (UC) is widely used by larger organisations for video conferences, office collaboration, cloud services and mobile communications. These services also have key roles in the IP Multimedia Subsystem (IMS) implementations of next generation mobile networks. As a result of these, customers require unified collaboration; and the telecommunications industry offers managed communications services and infrastructure using UC and IMS technologies. These offerings also come with design issues, well-known security vulnerabilities and legacy services.
Security testing of communication networks, however, is underestimated, and mostly under-scoped. Due to the lack of time and resources, the results of the security tests are only providing a security illusion. On the other hand, the advanced VoIP and UC attacks can be much faster and efficient with a proper methodology used. Therefore, this talk aims to improve the testing skills of the assurance teams for better penetration testing results. The theme of the talk is on transferring the VoIP and UC knowledge from a phreak to penetration testers. This will be performed through practical attack demonstrations, testing tips and automated actions.
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceFatih Ozavci
Enterprise companies are using consumer and IoT devices to complete (or expand) their services such as broadband, IPTV, media streaming, satellite, voice and 3G/4G services. Although the devices are owned by the service providers, subscribers have limited (or full) access to them with service agreements. In addition to that, some of consumer devices also have roles on corporate communications, environment security or employee services. Consumer devices are located at subscriber premises; therefore, the traditional security testing approach only covers backend services security, not the devices.
Consumer and IoT devices are susceptible to hardware hacking based attacks such as firmware dumping, re-flashing with a custom firmware, and getting low level access using the physical management interfaces such as SPI, JTAG and UART. Low level access obtained can be used to modify device behaviours or their initial states. This helps attackers to debug consumer devices and operator services, to find new vulnerabilities, and to obtain the device configuration which may contain credentials for the service infrastructure.
Embedded device and hardware hacking is a rising skill set for penetration testers. It is required to understand targeted attacks which may include hardware implants, modified hardware attacking their own infrastructure or compromised devices that target the human factor. Some of advanced testing examples to be discussed are preparing a custom hardware for persistent access during a red teaming exercise, preparing a compromised consumer device for human factor pen-testing, attacking TR-069 services of a provider using smart home modems or altering the security controls of a device to abuse the service.
The presentation focuses on how the existing security testing techniques should be evolved with hardware and IoT hacking, and how service providers can make their infrastructure secure for cutting-edge attacks. Essential hardware hacking information, identifying and using physical management interfaces, hardware hacking toolset, well-known hardware attacks and hardware testing procedure will be presented in a road map for consumer devices security testing. Also a security testing approach will be explained to develop new security testing services and to improve existing ones such as red teaming, human factor pen-testing and infrastructure pen-testing.
SIP trunking: Weapon of mass communicationFlowroute
SIP trunking allows organizations to connect their phone systems to the PSTN over an IP connection instead of using traditional TDM trunks. This provides significant cost savings and flexibility. SIP trunking facilitates mobility by enabling voice calls over data connections. It also expands connectivity options by integrating with technologies like WebRTC. Choosing a SIP trunking provider requires considering factors like audio quality, support, online account tools, and standards compliance to ensure interoperability with existing systems and future technologies.
This document discusses VoIP (Voice over Internet Protocol) technology, including its challenges and applications. It covers topics like reliability issues, quality of service, fax transmission, emergency call handling, security concerns, case studies, and the VoIP market. Solutions proposed include improving network infrastructure, prioritizing emergency calls, encrypting VoIP traffic, and segmenting voice and data networks. The VoIP market is projected to grow significantly due to lower costs and the emergence of new communication services.
2FYSH: two-factor authentication you should have for password replacementTELKOMNIKA JOURNAL
Password has been the most used authentication system these days. However, strong passwords are hard to remember and unique to every account. Unfortunately, even with the strongest passwords, password authentication system can still be breached by some kind of attacks. 2FYSH is two tokens-based authentication protocol designed to replace the password authentication entirely. The two tokens are a mobile phone and an NFC card. By utilizing mobile phones as one of the tokens, 2FYSH is offering third layer of security for users that lock their phone with some kind of security. 2FYSH is secure since it uses public and private key along with challenge-response protocol. 2FYSH protects the user from usual password attacks such as man-in-the-middle attack, phishing, eavesdropping, brute forcing, shoulder surfing, key logging, and verifier leaking. The secure design of 2FYSH has made 90% of the usability test participants to prefer 2FYSH for securing their sensitive information. This fact makes 2FYSH best applied to secure sensitive data needs such as bank accounts and corporate secrets.
The document discusses techniques for detecting denial-of-service (DoS) attacks in Session Initiation Protocol (SIP)-based Voice over IP (VoIP) networks. It reviews several proposed detection mechanisms, including statistical detection using Hellinger's distance, a double-layered architecture using traffic scanning, and a distributed filtering mechanism. It also summarizes a mitigation mechanism that analyzes SIP messages and calls and a technique using entropy analysis to identify attacks. Overall, the document surveys different existing approaches for detecting DoS attacks that aim to disrupt availability in SIP-based VoIP networks.
This document discusses security issues related to Voice over Internet Protocol (VoIP). It begins by explaining what VoIP is and some of its early implementations. It then describes the basic protocols and protocol stacks used for VoIP signaling and sessions, including H.323, SIP, and RTP. The document outlines various roles in VoIP systems, such as administrators and operators. It identifies common attacks against VoIP networks like theft of service, man-in-the-middle attacks, IP spoofing, and denial-of-service attacks. It concludes that VoIP inherits security vulnerabilities from the Internet and that encryption, authentication, firewalls, and separating voice and data traffic are needed to secure VoIP networks.
Voice over IP (VOIP) Security Research- A ResearchIJMER
This document summarizes research on Voice over IP (VoIP) security. It begins with an overview of SIP (Session Initiation Protocol), a commonly used VoIP standard, and a taxonomy of VoIP security threats. It then surveys existing research on VoIP security classified according to the threat categories. The research covers threats like eavesdropping, denial of service attacks, toll fraud, and spam over IP telephony (SPIT). Approaches studied include encryption, authentication, reputation systems, audio fingerprinting, and Turing tests to detect automated SPIT callers. The goal is to identify gaps and guide future work on analyzing VoIP attackers and improving the security and resilience of VoIP systems.
This document provides an overview of Denial of Service (DoS) attacks on Session Initiation Protocol (SIP) based Voice over Internet Protocol (VoIP) infrastructure. It first introduces VoIP and SIP, describing SIP components and messages. It then discusses security issues with SIP such as eavesdropping, message tampering, and spoofing. Several types of SIP DoS attacks are classified, including SIP message payload tampering, SIP message flow tampering, and SIP message flooding attacks. The document concludes by stating that SIP DoS attacks can render SIP services inoperable and discussing previous work on analyzing the robustness of SIP servers under DoS attacks.
This document discusses a fraud monitoring system for voice over internet protocol (VoIP) telephony. It begins with an introduction to VoIP and defines fraud. It then discusses the history of VoIP and how VoIP connections work. Key points discussed include quality of service requirements, protocols used in VoIP like SIP and H.323, and security challenges like dynamic addressing and firewalls. The document examines how a fraud management system could address these security issues to help secure VoIP networks.
AN OVERVIEW OF VOICE OVER INTERNET PROTOCOL (VOIPSean Flores
This document discusses Voice over Internet Protocol (VoIP) including its protocols, security issues, benefits, and challenges. It begins by introducing VoIP and describing its basic operation and advantages like lower costs. It then covers specific VoIP protocols like SIP and H.323. The document analyzes VoIP considerations like delay, jitter, packet loss, and discusses how these issues can affect call quality. It also provides an overview of VoIP technologies and their benefits for businesses. Finally, it presents a case study on assessing network readiness for VoIP deployment.
VoIP security threats include vulnerabilities in confidentiality, integrity, and availability. Confidentiality can be impacted at the data link layer through ARP and at the network layer through IP address spoofing. Integrity risks include replay attacks at the transport layer. Availability risks include bandwidth consumption attacks and resource starvation attacks. VoIP security tools like SiVuS and c07-sip can help test for vulnerabilities, but have limitations and are still evolving as VoIP adoption increases. Proper security precautions are important as VoIP systems become more prevalent.
SIP (Session Initial Protocol) is an IETF standard used to initiate multimedia communication sessions over the internet. It establishes and terminates voice or video calls between two or more participants. SIP also allows modification of existing calls, such as adding or removing participants. Key network elements that enable SIP connectivity include user agents, SIP phones, proxy servers, registrars, and gateways.
Due to vulnerability of IP networks companies are facing more fraud attempts and threats on VoIP networks.
You are safe with Netas Nova Cyber Security Product Family
This document discusses security issues and solutions related to Voice over IP (VoIP) systems. It begins with an introduction to VoIP and how it works, describing the protocols used including SIP, H.323, MGCP and RTP. It then outlines various security attacks on VoIP systems such as eavesdropping, denial of service attacks, and masquerading. Finally, it discusses approaches to enhancing VoIP security, including using encryption, firewalls, authentication, and secure protocols like SRTP.
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxronak56
Abstract
Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over
high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness
Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University, Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection, VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to
each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resourc.
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxdaniahendric
Abstract
Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over
high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness
Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University, Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection, VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to
each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resourc ...
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxmakdul
Abstract
Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over
high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication
features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to
security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of
VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues
in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security
framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness
Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features
protect the VoIP services not only from attacks but also from misuses.
A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud
Ashutosh Satapathy* and L. M. Jenila Livingston
School of Computing Science and Engineering, VIT University, Chennai - 600127, Tamil Nadu, India;
[email protected], [email protected]
Keywords: Defense Mechanisms, Liveness Voice Detection, VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues
1. Introduction
The rapid progress of VoIP over traditional services is
led to a situation that is common to many innovations
and new technologies such as VoIP cloud and peer to
peer services like Skype, Google Hangout etc. VoIP is the
technology that supports sending voice (and video) over
an Internet protocol-based network1,2. This is completely
different than the public circuit-switched telephone net-
work. Circuit switching network allocates resources to
each individual call and path is permanent throughout
the call from start to end. Traditional telephony services
are provided by the protocols/components such as SS7, T
carriers, Plain Old Telephone Service (POTS), the Public
Switch Telephone Network (PSTN), dial up, local loops
and anything under International Telecommunication
Union. IP networks are based on packet switching and
each packet follows different path, has its own header and
is forwarded separately by routers. VoIP network can be
constructed in various ways by using both proprietary
protocols and protocols based on open standards.
1.1 VoIP Layer Architecture
VoIP communication system typically consist of a front
end platform (soft-phone, PBX, gateway, call manager),
back end platform (server, CPU, storage, memory, net-
work) and intermediate platforms such as VoIP protocols,
database, authentication server, web server, operating sys-
tems etc. It is mainly divided into five layers as shown in
Figure1.
1.2 VoIP Cloud Architecture
VoIP cloud is the framework for delivering telephony
services in which resourc.
An SBC provides security for VoIP networks by applying policies between trusted and untrusted networks like the Internet and private LAN. It protects against threats like denial of service attacks, toll fraud, and reconnaissance attacks by using features like intrusion prevention, rate limiting, and signature recognition. The SBC also enhances interoperability between different vendor systems and supports deployments in cloud environments.
More businesses are adopting VoIP due to cost savings and features, but it also brings security risks if not properly secured. VoIP traffic flows like unprotected data and is vulnerable to eavesdropping, hacked voicemail, spoofing and denial of service attacks. The Shodan search engine reveals unsecured VoIP devices online. Best practices include separating voice and data traffic, encrypting sensitive calls, keeping systems updated, restricting call types and training employees. Without proper security, VoIP systems risk exposing private information through breaches.
1, prevalent network threats and telecommunication security challenges and co...Alexander Decker
1) The document discusses security challenges and threats in VoIP networks, including eavesdropping, toll fraud, denial of service attacks, spam over internet telephony, and pharming attacks.
2) It proposes several defense measures to prevent these threats, such as intrusion detection systems, filtering techniques to resist spam, and load balancing algorithms to mitigate flash crowd attacks.
3) The vulnerabilities of VoIP networks arise because they use the open Internet for transmission, leaving them exposed to the security issues that exist on IP-based networks.
The document discusses how multi-service business gateways can secure enterprise VoIP networks by addressing various security threats. It outlines four categories of security threats to VoIP systems: network level threats, media threats, communication session threats, and application level threats. It then provides examples of network level threats like denial of service attacks and solutions like firewalls and VPNs. It also discusses securing RTP media by encrypting payloads and verifying integrity through hashing. Finally, it outlines how session border controllers within the business gateways can help secure communication sessions by preventing man-in-the-middle attacks and unauthorized session attempts through measures like encryption, access control lists, infrastructure hiding, and monitoring.
The document provides an overview of security requirements and constraints for voice over IP (VoIP) systems. It discusses security characteristics of existing VoIP protocols like H.323 and SIP, including authentication and encryption capabilities. It then lists key security requirements for VoIP like dynamic firewall control, bandwidth management, and encryption of signaling and media traffic. Finally, it analyzes security constraints imposed by factors like delay sensitivity of real-time voice, which can impact the use of public-key cryptography for authentication between all devices in the network.
THE GOOD SEED DROP-IN, Website - (goodseedcdc.org) MISSION.docxrtodd33
The Good Seed Drop-In center provides supportive housing, job training, comprehensive services, and individualized planning to help homeless youth ages 18-25 in California live and thrive. They serve populations experiencing homelessness, mental health issues, and substance abuse issues. Their programs include supportive housing, emergency shelters, job training, and homeless outreach. Their mission is to ensure youth have the tools to achieve their goals and live meaningful lives.
IMS is the 3GPP standard architecture for delivering multimedia services over next generation networks using common Internet protocols. It uses SIP for session initiation and provides efficient charging. The IMS architecture includes the P-CSCF for user contact, I-CSCF for routing to S-CSCF which handles registration and sessions, and HSS for subscriber and service data storage. VoLTE allows high quality voice calls over 4G LTE networks using IMS. SIP is an application layer protocol used to establish real-time communications sessions for voice, video or text using Internet-enabled devices. Call testing in IMS 4G networks can include VoLTE-VoLTE, VoLTE-Jio join, and video calls
Similar to Analysis of VoIP Forensics with Digital Evidence Procedure (20)
Due to availability of internet and evolution of embedded devices, Internet of things can be useful to contribute in energy domain. The Internet of Things (IoT) will deliver a smarter grid to enable more information and connectivity throughout the infrastructure and to homes. Through the IoT, consumers, manufacturers and utility providers will come across new ways to manage devices and ultimately conserve resources and save money by using smart meters, home gateways, smart plugs and connected appliances. The future smart home, various devices will be able to measure and share their energy consumption, and actively participate in house-wide or building wide energy management systems. This paper discusses the different approaches being taken worldwide to connect the smart grid. Full system solutions can be developed by combining hardware and software to address some of the challenges in building a smarter and more connected smart grid.
A Survey Report on : Security & Challenges in Internet of Thingsijsrd.com
In the era of computing technology, Internet of Things (IoT) devices are now popular in each and every domains like e-governance, e-Health, e-Home, e-Commerce, and e-Trafficking etc. Iot is spreading from small to large applications in all fields like Smart Cities, Smart Grids, Smart Transportation. As on one side IoT provide facilities and services for the society. On the other hand, IoT security is also a crucial issues.IoT security is an area which totally concerned for giving security to connected devices and networks in the IoT .As, IoT is vast area with usability, performance, security, and reliability as a major challenges in it. The growth of the IoT is exponentially increases as driven by market pressures, which proportionally increases the security threats involved in IoT The relationship between the security and billions of devices connecting to the Internet cannot be described with existing mathematical methods. In this paper, we explore the opportunities possible in the IoT with security threats and challenges associated with it.
In today’s emerging world of Internet, each and every thing is supposed to be in connected mode with the help of billions of smart devices. By connecting all the devises used in our day to day life, make our life trouble less and easy. We are incorporated in a world where we are used to have smart phones, smart cars, smart gadgets, smart homes and smart cities. Different institutes and researchers are working for creating a smart world for us but real question which we need to emphasis on is how to make dumb devises talk with uncommon hardware and communication technology. For the same what kind of mechanism to use with various protocols and less human interaction. The purpose is to provide the key area for application of IoT and a platform on which various devices having different mechanism and protocols can communicate with an integrated architecture.
Study on Issues in Managing and Protecting Data of IOTijsrd.com
This paper discusses variety of issues for preserving and managing data produced by IoT. Every second large amount of data are added or updated in the IoT databases across the heterogeneous environment. While managing the data each phase of data processing for IoT data is exigent like storing data, querying, indexing, transaction management and failure handling. We also refer to the problem of data integration and protection as data requires to be fit in single layout and travel securely as they arrive in the pool from diversified sources in different structure. Finally, we confer a standardized pathway to manage and to defend data in consistent manner.
Interactive Technologies for Improving Quality of Education to Build Collabor...ijsrd.com
Today with advancement in Information Communication Technology (ICT) the way the education is being delivered is seeing a paradigm shift from boring classroom lectures to interactive applications such as 2-D and 3-D learning content, animations, live videos, response systems, interactive panels, education games, virtual laboratories and collaborative research (data gathering and analysis) etc. Engineering is emerging with more innovative solutions in the field of education and bringing out their innovative products to improve education delivery. The academic institutes which were once hesitant to use such technology are now looking forward to such innovations. They are adopting the new ways as they are realizing the vast benefits of using such methods and technology. The benefits are better comprehensibility, improved learning efficiency of students, and access to vast knowledge resources, geographical reach, quick feedback, accountability and quality research. This paper focuses on how engineering can leverage the latest technology and build a collaborative learning environment which can then be integrated with the national e-learning grid.
Internet of Things - Paradigm Shift of Future Internet Application for Specia...ijsrd.com
In the world more than 15% people are living with disability that also include children below age of 10 years. Due to lack of independent support services specially abled (handicap) people overly rely on other people for their basic needs, that excludes them from being financially and socially active. The Internet of Things (IoT) can give support system and a better quality of life as well as participation in routine and day to day life. For this purpose, the future solutions for current problems has been introduced in this paper. Daunting challenges have been considered as future research and glimpse of the IoT for specially abled person is given in the paper.
A Study of the Adverse Effects of IoT on Student's Lifeijsrd.com
Internet of things (IoT) is the most powerful invention and if used in the positive direction, internet can prove to be very productive. But, now a days, due to the social networking sites such as Face book, WhatsApp, twitter, hike etc. internet is producing adverse effects on the student life, especially those students studying at college Level. As it is rightly said, something which has some positive effects also has some of the negative effects on the other hand. In this article, we are discussing some adverse effects of IoT on student’s life.
Pedagogy for Effective use of ICT in English Language Learningijsrd.com
The use of information and communications technology (ICT) in education is a relatively new phenomenon and it has been the educational researchers' focus of attention for more than two decades. Educators and researchers examine the challenges of using ICT and think of new ways to integrate ICT into the curriculum. However, there are some barriers for the teachers that prevent them to use ICT in the classroom and develop supporting materials through ICT. The purpose of this study is to examine the high school English teachers’ perceptions of the factors discouraging teachers to use ICT in the classroom.
In recent years usage of private vehicles create urban traffic more and more crowded. As result traffic becomes one of the important problems in big cities in all over the world. Some of the traffic concerns are traffic jam and accidents which have caused a huge waste of time, more fuel consumption and more pollution. Time is very important parameter in routine life. The main problem faced by the people is real time routing. Our solution Virtual Eye will provide the current updates as in the real time scenario of the specific route. This research paper presents smart traffic navigation system, based on Internet of Things, which is featured by low cost, high compatibility, easy to upgrade, to replace traditional traffic management system and the proposed system can improve road traffic tremendously.
Ontological Model of Educational Programs in Computer Science (Bachelor and M...ijsrd.com
In this work there is illustrated an ontological model of educational programs in computer science for bachelor and master degrees in Computer science and for master educational program “Computer science as second competence†by Tempus project PROMIS.
Understanding IoT Management for Smart Refrigeratorijsrd.com
1) The document discusses a proposed design for an intelligent refrigerator that leverages sensor technology and wireless communication to identify food items and order more through an internet connection when supplies are low.
2) Key aspects of the proposal include using RFID to uniquely identify each food item, storing item and usage data in an XML database, monitoring usage patterns to determine reordering needs, and executing orders through an online retailer using stored payment details.
3) Security and privacy concerns with such an internet-connected refrigerator are discussed, such as potential hacking of personal information or unauthorized device control. The proposal aims to minimize human interaction for household management.
DESIGN AND ANALYSIS OF DOUBLE WISHBONE SUSPENSION SYSTEM USING FINITE ELEMENT...ijsrd.com
Double wishbone designs allow the engineer to carefully control the motion of the wheel throughout suspension travel. 3-D model of the Lower Wishbone Arm is prepared by using CAD software for modal and stress analysis. The forces and moments are used as the boundary conditions for finite element model of the wishbone arm. By using these boundary conditions static analysis is carried out. Then making the load as a function of time; quasi-static analysis of the wishbone arm is carried out. A finite element based optimization is used to optimize the design of lower wishbone arm. Topology optimization and material optimization techniques are used to optimize lower wishbone arm design.
A Review: Microwave Energy for materials processingijsrd.com
Microwave energy is a latest largest growing technique for material processing. This paper presents a review of microwave technologies used for material processing and its use for industrial applications. Advantages in using microwave energy for processing material include rapid heating, high heating efficiency, heating uniformity and clean energy. The microwave heating has various characteristics and due to which it has been become popular for heating low temperature applications to high temperature applications. In recent years this novel technique has been successfully utilized for the processing of metallic materials. Many researchers have reported microwave energy for sintering, joining and cladding of metallic materials. The aim of this paper is to show the use of microwave energy not only for non-metallic materials but also the metallic materials. The ability to process metals with microwave could assist in the manufacturing of high performance metal parts desired in many industries, for example in automotive and aeronautical industries.
Web Usage Mining: A Survey on User's Navigation Pattern from Web Logsijsrd.com
With an expontial growth of World Wide Web, there are so many information overloaded and it became hard to find out data according to need. Web usage mining is a part of web mining, which deal with automatic discovery of user navigation pattern from web log. This paper presents an overview of web mining and also provide navigation pattern from classification and clustering algorithm for web usage mining. Web usage mining contain three important task namely data preprocessing, pattern discovery and pattern analysis based on discovered pattern. And also contain the comparative study of web mining techniques.
APPLICATION OF STATCOM to IMPROVED DYNAMIC PERFORMANCE OF POWER SYSTEMijsrd.com
Application of FACTS controller called Static Synchronous Compensator STATCOM to improve the performance of power grid with Wind Farms is investigated .The essential feature of the STATCOM is that it has the ability to absorb or inject fastly the reactive power with power grid . Therefore the voltage regulation of the power grid with STATCOM FACTS device is achieved. Moreover restoring the stability of the power system having wind farm after occurring severe disturbance such as faults or wind farm mechanical power variation is obtained with STATCOM controller . The dynamic model of the power system having wind farm controlled by proposed STATCOM is developed . To validate the powerful of the STATCOM FACTS controller, the studied power system is simulated and subjected to different severe disturbances. The results prove the effectiveness of the proposed STATCOM controller in terms of fast damping the power system oscillations and restoring the power system stability.
Making model of dual axis solar tracking with Maximum Power Point Trackingijsrd.com
Now a days solar harvesting is more popular. As the popularity become higher the material quality and solar tracking methods are more improved. There are several factors affecting the solar system. Major influence on solar cell, intensity of source radiation and storage techniques The materials used in solar cell manufacturing limit the efficiency of solar cell. This makes it particularly difficult to make considerable improvements in the performance of the cell, and hence restricts the efficiency of the overall collection process. Therefore, the most attainable maximum power point tracking method of improving the performance of solar power collection is to increase the mean intensity of radiation received from the source used. The purposed of tracking system controls elevation and orientation angles of solar panels such that the panels always maintain perpendicular to the sunlight. The measured variables of our automatic system were compared with those of a fixed angle PV system. As a result of the experiment, the voltage generated by the proposed tracking system has an overall of about 28.11% more than the fixed angle PV system. There are three major approaches for maximizing power extraction in medium and large scale systems. They are sun tracking, maximum power point (MPP) tracking or both.
A REVIEW PAPER ON PERFORMANCE AND EMISSION TEST OF 4 STROKE DIESEL ENGINE USI...ijsrd.com
This document summarizes a review paper on performance and emission testing of a 4-stroke diesel engine using ethanol-diesel blends at different pressures. The paper reviews several previous studies that tested blends of 5-30% ethanol mixed with diesel fuel. The studies found that a 10-20% ethanol blend can improve brake thermal efficiency compared to pure diesel, while also reducing emissions like NOx and smoke. Higher ethanol blends required advancing the injection timing to allow the engine to run. Ethanol-diesel blends were found to have lower density, viscosity, pour point and higher flash point compared to pure diesel. Overall, ethanol shows potential as a renewable fuel to improve engine performance and reduce emissions when blended with diesel
Study and Review on Various Current Comparatorsijsrd.com
This paper presents study and review on various current comparators. It also describes low voltage current comparator using flipped voltage follower (FVF) to obtain the single supply voltage. This circuit has short propagation delay and occupies a small chip area as compare to other current comparators. The results of this circuit has obtained using PSpice simulator for 0.18 μm CMOS technology and a comparison has been performed with its non FVF counterpart to contrast its effectiveness, simplicity, compactness and low power consumption.
Reducing Silicon Real Estate and Switching Activity Using Low Power Test Patt...ijsrd.com
Power dissipation is a challenging problem for today's system-on-chip design and test. This paper presents a novel architecture which generates the test patterns with reduced switching activities; it has the advantage of low test power and low hardware overhead. The proposed LP-TPG (test pattern generator) structure consists of modified low power linear feedback shift register (LP-LFSR), m-bit counter, gray counter, NOR-gate structure and XOR-array. The seed generated from LP-LFSR is EXCLUSIVE-OR ed with the data generated from gray code generator. The XOR result of the sequence is single input changing (SIC) sequence, in turn reduces the switching activity and so power dissipation will be very less. The proposed architecture is simulated using Modelsim and synthesized using Xilinx ISE9.2.The Xilinx chip scope tool will be used to test the logic running on FPGA.
Defending Reactive Jammers in WSN using a Trigger Identification Service.ijsrd.com
In the last decade, the greatest threat to the wireless sensor network has been Reactive Jamming Attack because it is difficult to be disclosed and defend as well as due to its mass destruction to legitimate sensor communications. As discussed above about the Reactive Jammers Nodes, a new scheme to deactivate them efficiently is by identifying all trigger nodes, where transmissions invoke the jammer nodes, which has been proposed and developed. Due to this identification mechanism, many existing reactive jamming defending schemes can be benefited. This Trigger Identification can also work as an application layer .In this paper, on one side we provide the several optimization problems to provide complete trigger identification service framework for unreliable wireless sensor networks and on the other side we also provide an improved algorithm with regard to two sophisticated jamming models, in order to enhance its robustness for various network scenarios.
Software Engineering and Project Management - Software Testing + Agile Method...Prakhyath Rai
Software Testing: A Strategic Approach to Software Testing, Strategic Issues, Test Strategies for Conventional Software, Test Strategies for Object -Oriented Software, Validation Testing, System Testing, The Art of Debugging.
Agile Methodology: Before Agile – Waterfall, Agile Development.
Generative AI Use cases applications solutions and implementation.pdfmahaffeycheryld
Generative AI solutions encompass a range of capabilities from content creation to complex problem-solving across industries. Implementing generative AI involves identifying specific business needs, developing tailored AI models using techniques like GANs and VAEs, and integrating these models into existing workflows. Data quality and continuous model refinement are crucial for effective implementation. Businesses must also consider ethical implications and ensure transparency in AI decision-making. Generative AI's implementation aims to enhance efficiency, creativity, and innovation by leveraging autonomous generation and sophisticated learning algorithms to meet diverse business challenges.
https://www.leewayhertz.com/generative-ai-use-cases-and-applications/
Discover the latest insights on Data Driven Maintenance with our comprehensive webinar presentation. Learn about traditional maintenance challenges, the right approach to utilizing data, and the benefits of adopting a Data Driven Maintenance strategy. Explore real-world examples, industry best practices, and innovative solutions like FMECA and the D3M model. This presentation, led by expert Jules Oudmans, is essential for asset owners looking to optimize their maintenance processes and leverage digital technologies for improved efficiency and performance. Download now to stay ahead in the evolving maintenance landscape.
Tools & Techniques for Commissioning and Maintaining PV Systems W-Animations ...Transcat
Join us for this solutions-based webinar on the tools and techniques for commissioning and maintaining PV Systems. In this session, we'll review the process of building and maintaining a solar array, starting with installation and commissioning, then reviewing operations and maintenance of the system. This course will review insulation resistance testing, I-V curve testing, earth-bond continuity, ground resistance testing, performance tests, visual inspections, ground and arc fault testing procedures, and power quality analysis.
Fluke Solar Application Specialist Will White is presenting on this engaging topic:
Will has worked in the renewable energy industry since 2005, first as an installer for a small east coast solar integrator before adding sales, design, and project management to his skillset. In 2022, Will joined Fluke as a solar application specialist, where he supports their renewable energy testing equipment like IV-curve tracers, electrical meters, and thermal imaging cameras. Experienced in wind power, solar thermal, energy storage, and all scales of PV, Will has primarily focused on residential and small commercial systems. He is passionate about implementing high-quality, code-compliant installation techniques.
Digital Twins Computer Networking Paper Presentation.pptxaryanpankaj78
A Digital Twin in computer networking is a virtual representation of a physical network, used to simulate, analyze, and optimize network performance and reliability. It leverages real-time data to enhance network management, predict issues, and improve decision-making processes.
Null Bangalore | Pentesters Approach to AWS IAMDivyanshu
#Abstract:
- Learn more about the real-world methods for auditing AWS IAM (Identity and Access Management) as a pentester. So let us proceed with a brief discussion of IAM as well as some typical misconfigurations and their potential exploits in order to reinforce the understanding of IAM security best practices.
- Gain actionable insights into AWS IAM policies and roles, using hands on approach.
#Prerequisites:
- Basic understanding of AWS services and architecture
- Familiarity with cloud security concepts
- Experience using the AWS Management Console or AWS CLI.
- For hands on lab create account on [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
# Scenario Covered:
- Basics of IAM in AWS
- Implementing IAM Policies with Least Privilege to Manage S3 Bucket
- Objective: Create an S3 bucket with least privilege IAM policy and validate access.
- Steps:
- Create S3 bucket.
- Attach least privilege policy to IAM user.
- Validate access.
- Exploiting IAM PassRole Misconfiguration
-Allows a user to pass a specific IAM role to an AWS service (ec2), typically used for service access delegation. Then exploit PassRole Misconfiguration granting unauthorized access to sensitive resources.
- Objective: Demonstrate how a PassRole misconfiguration can grant unauthorized access.
- Steps:
- Allow user to pass IAM role to EC2.
- Exploit misconfiguration for unauthorized access.
- Access sensitive resources.
- Exploiting IAM AssumeRole Misconfiguration with Overly Permissive Role
- An overly permissive IAM role configuration can lead to privilege escalation by creating a role with administrative privileges and allow a user to assume this role.
- Objective: Show how overly permissive IAM roles can lead to privilege escalation.
- Steps:
- Create role with administrative privileges.
- Allow user to assume the role.
- Perform administrative actions.
- Differentiation between PassRole vs AssumeRole
Try at [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
Software Engineering and Project Management - Introduction, Modeling Concepts...Prakhyath Rai
Introduction, Modeling Concepts and Class Modeling: What is Object orientation? What is OO development? OO Themes; Evidence for usefulness of OO development; OO modeling history. Modeling
as Design technique: Modeling, abstraction, The Three models. Class Modeling: Object and Class Concept, Link and associations concepts, Generalization and Inheritance, A sample class model, Navigation of class models, and UML diagrams
Building the Analysis Models: Requirement Analysis, Analysis Model Approaches, Data modeling Concepts, Object Oriented Analysis, Scenario-Based Modeling, Flow-Oriented Modeling, class Based Modeling, Creating a Behavioral Model.
Software Engineering and Project Management - Introduction, Modeling Concepts...
Analysis of VoIP Forensics with Digital Evidence Procedure
1. IJSRD - International Journal for Scientific Research & Development| Vol. 1, Issue 4, 2013 | ISSN (online): 2321-0613
All rights reserved by www.ijsrd.com 884
Abstract— The invention of Voice over Internet Protocol
(VoIP) in communication technology created significant
attractive services for its users, it also brings new security
threats. Criminals exploit these security threats to perform
illegal activities such as VoIP malicious attacks, this will
require digital forensic investigators to detect and provide
digital evidence. Finding digital evidence in VoIP malicious
attacks is the most difficult task, due to its associated
features with converged network. In this paper, a Model of
investigating VoIP malicious attacks is proposed for
forensic analysis. VoIP spoofing is being a common and
most important threat to the VoIP users. It is technically
possible for an attacker to masquerade as another VoIP
caller (VoIP spoofing). A design of a SIP which will try to
capture all of the data on a VoIP network and process it for
forensic analysis with also detection of the spoofing or the
fake caller address.
Keywords: VoIP, Spoofing, Digital Evidence, Digital
Forensics, SIP
I. INTRODUCTION
Securing VoIP is not an easy task, as it needs efforts in
several stages. One of the essential issues in VoIP security is
protecting the signaling messages being exchanged between
VoIP infrastructures. Signaling does not transfer voice
packets, but is designed for establishing, controlling,
modifying and terminating communications. The protection
of signaling includes integrity and confidentiality of
signaling messages as well as availability and confidentiality
of signaling services [1]. Another core issue in VoIP security
is protecting multimedia communications between
endpoints, which is a separate topic from signaling security.
It consist confidentiality, integrity and availability of
multimedia communications. In this thesis, the scope of our
research ONLY focuses on the security issues of SIP, a
signaling protocol. Security issues deal with the problems
encountered during the authentication phase rather than at
the communication phase. It focuses on the pre-requisites of
the communication so that the attacks can be avoided.
Traditionally, in the normal telephone network, it was much
harder to spoof Caller ID as at every end, a unique phone
number is assigned by the phone company. Today, with the
move to SIP trunks and VoIP technology, spoofing caller ID
is fairly trivial. It has been said that the nature of VoIP calls
make it difficult to trace the identity or location of the
callers. The most outstanding phenomena is Dialing
telephone numbers directly by the arbitrary number
modification software, for fraudulent activities which is
termed as CALLER ID SPOOFING. Existing protocol will
not provide the mechanism for spoofing detection and
prevention. The main challenge in VoIP is to accurately
identify that from where actually the call has been initialized
and identify the legitimate caller.[1,2]
This research focuses on the tendency of the evildoers to
use existing communication technology while committing
the crime basically the SPOOFING in VoIP. The analysis
will be focused on the security of internet phone and design
a prevention method of internet phone call attack and the
attention points of setting up a internet phone to prevent it
from such phone frauds. A design of SIP which will prevent
VoIP spoofing using Public Key Infrastructure concepts and
use it as forensic analysis, all this will help in the detection
and prevention of the spoofing or identify the fake caller.
II. BACKGROUND THEORY
A. What is VoIP? [3]
VoIP stands for-Voice over Internet Protocol (VoIP) or
transmission of voice over internet. In more simple terms,
one can say that VoIP is the transmission of voice over the
digital network. VoIP is an innovative technology which
enables its users to make calls through the existing packet-
switched networks (e.g., the Internet) instead of traditional
PSTN networks. The concept of VoIP is based on the factor
that packets running over an IP network can deliver different
kinds of multimedia contents including text, pictures, audio
and video.
B. VoIP Spoofing Attack
An attacker may insert fake (spoofed) messages into a
certain VoIP session to interrupt the service, or insert them
to steal the session. Attackers and spammers equently spoof
identities in order to become untraceable. It is possible for
an attacker to masquerade as another VoIP caller (VoIP
spoofing).
1) Why people are doing spoofing?
Attackers can use call spoofing for many cyber-crimes.
These may be the main reasons.
1) Making abusive or threatening calls.
2) Making calls from bank numbers to ask users
personal banking details.
3) Marketing company using this to fake a number to
show that it comes from local area. And then trick
users to sale their services.
C. Digital Evidence [7]
Digital evidence or Electronic evidence is any probative
information stored or transmitted in digital form that a party
to a court case may use at trial. Before accepting digital
evidence a court will determine if the evidence is relevant,
whether it is authentic, if it is hearsay and whether a copy is
acceptable or the original is required.
Analysis of VoIP Forensics with Digital Evidence Procedure
Ovel Database-Centric Framework For Incremental Information
Extraction
Riddhi Patel1
Aditya K. Sinha2
1
PG Student 2
Principal Technical Officer
1
Department of Computer Engineering, GTU, India 2
CDAC-ACTS, Pune, India
S.P.B.Patel Engineering College, Mehsana, Gujarat
2. Analysis of VoIP Forensics with Digital Evidence Procedure
(IJSRD/Vol. 1/Issue 4/2013/0020)
All rights reserved by www.ijsrd.com 885
1) Integrating Digital Evidence with VoIP call
1) In VoIP we can find address of spoofed call and
present it as evidence in court.
2) So, basically when a VoIP call is made to some one’s
phone and when one find sit as a spoofed(different)
address on the screen then here will try to prevent the
system from spoofed call after crime, if crime has been
done using VoIP, so we can get back to the attacker
using digital evidence. Here, the digital certificate
from CA for that particular user which has been shown
as caller ID can be presented as evidence.
III. ANALYSIS OF EXISTING SIP PROTOCOL IN VOIP
PACKET
A. Introducing SIP [4]
SIP, developed by IETF, is a text-encoded protocol based on
elements from the HTTP and SMTP protocols. The primary
function of SIP is to establish or terminate a session between
two or more endpoints, but it also contains other important
function such as notification for presence and short
messaging services. Similar to email users, SIP users are
rep-resented by means of Uniform Resource Identifier
(URI), a universal name with a pair of domain name and a
user name registered for this domain. Most current SIP
applications in the real world employ a client/server
transaction model similar to HTTP. A SIP client generates
SIP request messages and a SIP server responds by
generating response messages. SIP RFC is RFC 3261.[5]
That being said, SIP is flexible and open enough to
allow developers to build their own “hooks” into SIP. This
flexibility has given SIP an advantage over other
“telecommunications protocols,” and is why many
enterprises are eager to develop, implement, and use SIP.
B. SIP SERVICES [4]
SIP supports basically five services for managing
communication:
1) User Location: determination of the end system to
be used for communication
2) User Availability: determination of the willingness
of the called party to engage in communications.
3) User Capabilities: determination of the media and its
parameters to be used.
4) Call Setup: ringing and establishing call parameters
at both called and calling party.
5) Call handling: the transfer and termination of calls.
C. Components of SIP [5]
1) User Agent Client: Actual client who is requesting
for call to establish. Eg: Soft phone, IP phone
2) User Agent Server: It is a server which is
responsible to initiate the call to the destination and
provides VoIP services.
3) Registration Server: In order to establish call, user
(UAC) has to get registered to the SIP server. So
registration server will performs the authorization
of user.
4) Proxy Server: It works as a forwarder, in which UA
will locate one proxy server, proxy will forward it
to another and so on up to the destination server. It
also provides routing, authentication, authorization,
address resolution, and loop detection.
D. Security mechanism in SIP RFC [8]
Here, we have listed some of the security mechanisms with
a detailed explanation given below:
1) SIP Digest
This digest authentication algorithm (RFC-2617) is
currently the most frequently deployed security mechanism
with SIP. Derived from HTTP Digest it allows
authentication of a SIP subscriber (user agent, proxy-server
or registrar server). It is based on the transmission of a
shared secret, which consists of a checksum over a nonce
and parameters (user name, password, nonce, SIP method,
Request URI). SIP Digest does not exchange passwords.
The shared secret is hashed using MD5 or SHA- 1. SHA-1
is the IETF recommendation.
2) SIPS
SIPS (SIP over SSL/TLS) protect sensitive data such as
SIP URI, IP addresses from sniffing or message
manipulation. The URI scheme slightly differs from the
conventional SIP URI: sips:this_is_me@sip.com. SIPS
encrypts a connection between a SIP subscriber and a SIPS
URI and the network instances (user agent, proxy server,
DNS server, location server) in between via SSL/TLS.
However, because of SSL/TLS SIPS has to be transmitted
via TCP, instead of UDP. The default TCP port for SIP
over TLS is 5061. User authentication is accomplished by
SIP Digest, which hashes the SIP message (digital
signature).
3) SRTP
As RTP and RTCP do not offer any protection against
sniffing and manipulation of VoIP data, SRTP (Secure
Real-Time Transport Protocol; RFC-3711) has been
developed. It constitutes an alternative to IPsec based VPN
communications, particularly for real-time transport. SRTP
encrypts data symmetrically with AES2 (Advanced
Encryption Standard), i.e. SRTP is the secured variant of
RTP and SRTCP of RTCP respectively. They complicate
attacks such as sniffing, replay and DoS. For transportation
RTP/RTCP packets are encapsulated in SRTP/SRTCP
packets. Security features of SRTP comprise:
1) Encryption of the media stream (against sniffing)
2) Authentication of the sender (against identity
spoofing)
3) Validation of the integrity (against
modification/manipulation)
4) Replay3 protection (against unauthorized access to
end-points)
4) S/MIME
S/MIME (Security/Multipurpose Internet Mail Extension;
RFC-2311) has been originally designed to encrypt and
authenticate message bodies (MIME) in email
communications. However, MIME is not restricted to email
messaging. It can be applied for secured end-to-end
transport of message bodies within IP and thus it is suitable
for SIP. In addition to SDP parameters detailed subscriber
information data (e.g. presence information) can be secured
as well. In contrast to SIP, where encryption is only applied
on a “hop-by-hop” basis and thus information contained in
the message bodies are unencrypted within the traversed
SIP network, S/MIME offers “end-to-end” encryption.
3. Analysis of VoIP Forensics with Digital Evidence Procedure
(IJSRD/Vol. 1/Issue 4/2013/0020)
All rights reserved by www.ijsrd.com 886
Table (3): Overview of VoIP Security Protocol
IV. PROBLEMS IN SIP AUTHENTICATION
We have two major weaknesses in HTTP digest
authentication in SIP. The first missing security issue is the
lack of securing all headers and parameters in SIP which
would possibly need protection. The second security
weakness, relating to digest authentication, is the
requirement of pre-existing user configuration on servers,
which does not scale well [9].Though, for authenticating in
cellular mobile communication, it provides simple
authentication. This solution enables a mutual authentication
between any devices and the network. This security policy
requires a shared secret key and a shared cryptographic
algorithm that exist in SIP. So, pre-share keys are one of the
main problems for security distributed keys and cause
algorithm load for encode and decode security information
packet. S/MIME in SIP is used on carrying signed or
encrypted replication of headers and authenticating users.
This mechanism lacks the public key distribution problem,
which means that the public keys used in authentication are
difficult to distribute and maintain. The public key
infrastructure is also susceptible to man-in-the middle attack
[3]. It uses several hash computations and server certificates
to ensure security. This causes overhead and reduction in
performance.
1) One of the crucial security issues faced by current SIP
Protocol in how to authenticate end user identities. In
SIP , the identity of an end user is defined by its SIP
Uniform Identifier(URI), Which typically has a
canonical address-of record(AoR), From field, for ex:
sip:alice@10.0.2.1 . There are several places within a
SIP request where an end user can express his identity.
For example, the user populated From header field in the
SIP INVITE message. Hence an end user can spoof his
identity by inserting a false address in the From field and
there is no mechanism for verifying that field.
2) Source IP cannot be determine because VoIP assign IP
address dynamically. Since request and response each of
the header contains the field name as “Via:” which store
the path of each proxy so that receiver can communicate
to the same path but the problem is that what about the
path from UAC to proxy, proxy will not store that
address, only SIP address of the caller (UAC) will be in
the header but not any other information. So that makes
it difficult to reach to the caller. In the proposed SIP
stack they have the proxy which has the authentication
certificate. but they do not have the client which has its
own certificate which uniquely identifies the user and its
public key and private key. Another problem is the path
between caller (UAC) to proxy is still unsecure so that
the authentication is also unsecure because man in the
middle attack can be possible between UAC and proxy.
If the user is authorized then it won’t create any problem
but if the user is attacker and he wants to attack by doing
spoofed call then we can never determine that who has
done attack and from where it has been initiated because
VoIP uses dynamic IP address.
3) In the existing mechanism, SIP can provide client-to-
client protection only at the time of media exchange
using RTP and not at the time of authentication. So to
lessen the impact of the vulnerabilities from all the above
mentioned issues. There is a need for a stronger
authentication mechanism.
V. PROPOSED APPROACH
A. Proposed Authentication Mechanism
The proposed mechanism has the following features, as
shown below:
1) Proposes a transitive authentication mechanism
1) A new SIP header
2) An authentication service running on proxies
and UAC both
3) Only relevant for SIP requests, not responses
B. Steps in header verification
1) Acquire certificate for domain either stored or
retrieved
2) Validate certificate, determine signer's authority over
“From”
3) Verify signature
4) Validate Date, Contact, Call-ID
We will start explaining the concept starting from the
problem mentioned below:
Suppose if Alice sends an INVITE message along with her
signature to Bob, then Bob would require Alice’s public key
to verify her signature. Hence in this case, Bob is faced with
two problems:
1) How and from where would Bob retrieve Alice’s
public key?
2) And how can Alice be sure that the key is actually
Bob’s public key and not the attacker’s public key?
Public Key Infrastructure (PKI) helps solve the above
problem. The purpose of PKI is to help Bob retrieve Alice’s
public key, and to assure Alice that the key really belongs to
Alice and not of somebody else. PKI distributes public keys
using public key certificates.
However, with VoIP communications the audio signal is
converted in several encrypted digital 'packets' which are
sent separately via different routes across the internet, only
re-collating when they reach the other user's computer. This
means that there is no exchange through which all the
information passes and so traditional methods of
interception are ineffective. Instead, the problem of
interception becomes one for computer forensic analysts.
4. Analysis of VoIP Forensics with Digital Evidence Procedure
(IJSRD/Vol. 1/Issue 4/2013/0020)
All rights reserved by www.ijsrd.com 887
Fig (1): Proposed Approach
VI. PERFORMANCE EVALUATION, RESULT &
ANALYSIS
A. Analysis of Modified SIP Protocol
The end user certificate and a server certificate has been
created by running the “riddhi_certificate_create” script in
the contrib/scripts shown as below.
Fig (2)
In the development, standardization and implementation of
LTE Networks based on Orthogonal Freq. Division Multiple
Access (OFDMA), simulations are necessary to test as well
as optimize algorithms and procedures before real time
establishment. This can be done by both Physical Layer
(Link-Level) and Network (System-Level) context. This
paper proposes Network Simulator 3 (NS-3) which is
capable of evaluating the performance of the Downlink
Shared Channel of LTE networks and comparing it with
available MATLAB based LTE System Level Simulator
performance.
KEY WORDS--3GPP, LTE, Downlink, NS-3, Simulator,
MAC, PHY
VII. INTRODUCTION
The Long Term Evolution (LTE) standard specified by the
3rd Generation Partnership Project (3GPP) is a new mobile
communication technology, which is evolution of the
Universal Mobile Telecommunications System (UMTS) and
High-Speed Packet Access (HSPA) systems. LTE intends to
deliver high speed data and multimedia services to next
generation. LTE is also backward compatible with the
CDMA family of technologies and thereby enables even
CDMA operators to move to this technology. The main
reasons for these changes in the Radio Access Network
(RAN) system design are the need to provide higher spectral
efficiency, lower delay, and more multi-user flexibility than
the currently deployed networks. LTE supports scalable
carrier bandwidths, from 1.4 MHz to 20 MHz and supports
both frequency division duplexing (FDD) and time-division
duplexing (TDD). The IP-based network architecture called
the Evolved Packet Core (EPC) is designed to replace the
GPRS Core Network. The LTE device has been conceived
as a container of several entities: the IP classifier, the RRC
entity, the MAC entity and the PHY layer. The core of the
LTE module is composed by both MAC and PHY layers of
an LTE device.
The Evolved Packet Core comprises the Mobility
Management Entity (MME), the Serving Gateway (SGW),
and the Packet Data Network Gateway (PGW). The MME is
responsible for user mobility, intra-LTE handover, and
tracking and paging procedures of User Equipment (UEs)
upon connection establishment. The main purpose of the
SGW is, instead, to route and forward user data packets
among LTE nodes, and to manage handover among LTE
and other 3GPP technologies. The PGW interconnects LTE
network with the rest of the world, providing connectivity
among UEs and external packet data networks. The LTE
access network can host only two kinds of node: the UE
(that is the end-user) and the eNB. Note that eNB nodes are
directly connected to each other (this speeds up signaling
procedures) and to the MME gateway. The eNB is the only
device in charge of performing both radio resource
management and control procedures on the radio interface.
Figure 1 shows Service Architecture Evolution in LTE
network [7].
After certificate generation, now we will try to
establish a call between two of the clients using the
certificates and then analyze the call for the resultant
scenario. For that we have to recompile our modified SIP
code and run SIP phone again.
Once a call has been established will capture the
VoIP Packets using WIRESHARK and analyze the
REGISTER packet. it will show that user is able to add his
URL.
Fig (3): modified SIP with URL
5. Analysis of VoIP Forensics with Digital Evidence Procedure
(IJSRD/Vol. 1/Issue 4/2013/0020)
All rights reserved by www.ijsrd.com 888
A. Modified SIP REGISTER Packet
The following figure shows the packet captured during a
normal VoIP call scenario.
1) Client (UAC A) to server normal
Fig. (4) SIP INVITE from Client (UAC A) to Server
After modifying the code, when client will establish a call,
at that time after capturing the packet (client to server) and
analyzing it, it shows an extra field showing the hash value.
2) Modified SIP INVITE packet Client (UAC A) to Server
Fig. (5) Modified SIP INVITE from Client to Server
The below figure shows the comparative analysis of the
hash generated manually for the header packet to the hash
generated by client in SIP packet and both the values show
same result. This again shows the normal call establishment
between Servers to client (UAC B). It has been added to
show a comparative analysis of the packets virtue to the
header fields modified and the proposed result
When client will establish a call, at that time after capturing
the packet (server to client) and analyzing it, it shows URL
Fig. (5) SIP INVITE from Server to Client (end user)
field which is added by server and also shows the hash
already generated by client.
3) Modified SIP INVITE Packet from Server to Client
Fig. (6) Modified SIP INVITE from Server to Client
At this point, the generated hash is encrypted by client and
able to send along with the original header to the receiver
side and at receiver side, the encrypted hash is decrypted
and compared with the hash value contained in the original
header
REFERENCES
[1] R.Zhang, X. Wang, X. Yang, and X. Jiang. “Billing
attacks on SIP-based VoIP systems”. In WOOT ’07:
Proceedings of the first USENIX workshop on Oensive
Technologies, pages 1–8, Berkeley, CA, USA, 2007.
USENIX Association.
[2] Global NGN IP VoIP - Analyses Statistics and forecasts.
http://www.marketresearch.com/product/display.asp?pro
ductid=1513239&g=1 2007.
[3] D. Richard Kuhn, Thomas J. Walsh, Steffen Fries
“Security Consideration for Voice Over IP Systems”
National Institute of Standards & Technology.
Gaithersburg
[4] Paul Stalvig “Session Initiated Protocol – A Five Fun-
ction Protocol”
[5] Rakesh Arora “Voice Over IP Protocols and Standards”
[6] http://www.ietf.org/rfc/rfc3261.txt
[7] Jill Slay12, Matthew Simon1, David Irwin “Voice Over
IP And Forensics: A Review of Recent Australian
Work”, University of South Australia, Mawson Lakes,
SA 5095, AUSTRALIA.
[8] Prof. Dr. Even Eren, Dr. Kai-Oliver Detken “Voice-
over-IP Security Mechanisms – State-of-the-art, risks
assessment, concepts and recommendations”, 2007.
[9] A. Nemi, J. Arkko, V. Torvinen, '' Hypertext Transfer
Protocol(HTTP) Digest Authentication Using
Authentication and Key Agrement(AKA)”, IETF RFC
3310, 2002.