VoIP Security
Ridhvesh Shethwala – 15mcei27
Outline
Introduction
What is VoIP?
How VoIP works?
Protocols used in VoIP
Security attacks on VoIP systems
How can we prevent them?
Conclusion
References
Network Features | PSTN (Voice)               | VoIP (Voice)
Switch           | Circuit Switched           | Packet Switched
Connection       | Connection Oriented        | Connection Oriented
Bit Rate         | Fixed and low (<= 64 kb/s) | Standard Bit Rate
Bursts           | Nonexistent                |
Error tolerance  | User error control         | Self error control
Info resending   | Cannot (real time)         | It can
Delay            | Must be low and stable     | Very low delay
What is VoIP?
VoIP (Voice over Internet Protocol) is a voice transmission
technology based on IP networks. Instead of the traditional
analog telephone line, it lets people make telephone calls
through broadband internet connections.
In other words, just by installing network telephone
software on the PCs at each end, people can talk
to each other through the IP network.
With the development of network technology,
network IP telephony grew from PC-PC to IP-PSTN,
PSTN-IP, PSTN-PSTN and IP-IP, etc.
How VoIP works?
Analog Signal
Converting Analog to Digital Signal
Compress
Encode
Packetization
Transmitted through IP Network
Decode
Decompress
Converting Digital to Analog Signal
Protocols used in VoIP
RTP
SIP
MGCP
H.323
RTP
Real-Time Transport Protocol (RTP) is an internet
standard protocol used to transfer real-time data, such
as audio and video. It can be used for IP telephony.
RTP includes two parts: data and control. The control
part is called Real-Time Control Protocol (RTCP).
VoIP uses protocols such as Real-Time Transport Protocol
(RTP) and H.323 to deliver packets over the internet.
It provides support for real-time applications, including
timing reconstruction, loss detection, security and
content identification.
The RTP header contains information about the payload, such
as the source address, size, encoding type, etc.
To transfer an RTP packet on the network, we need to use the
User Datagram Protocol (UDP) to create a UDP header. To
transfer the UDP packet over an IP network, we also need to
create an IP header.
[Figures: RTP data structure; RTP data in IP packet]
RTP features:
To provide end-to-end delivery service for real-time data,
such as audio and video.
RTP uses time stamps and sequence numbers to implement
reliable delivery, flow control and congestion control.
RTP is only a protocol framework; it is open to new
multimedia software.
RTP and RTCP provide functionality to deliver real-time
data. RTP and RTCP aren't responsible for synchronization
or similar higher-level tasks.
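As an added example (not part of the original slides), the Python below parses the RTP header carried inside the UDP payload, using the RFC 3550 field layout, and uses the sequence number to report lost, reordered and duplicated packets, plus packets whose SSRC differs from the stream's. The sample packets, the SSRC values and the helper names are constructed for illustration.

```python
import struct
from dataclasses import dataclass


@dataclass
class RtpHeader:
    version: int
    marker: bool
    payload_type: int
    sequence: int
    timestamp: int
    ssrc: int
    header_len: int  # offset at which the media payload starts


def parse_rtp(packet: bytes) -> RtpHeader:
    """Parse the RFC 3550 RTP header that sits inside the UDP payload."""
    if len(packet) < 12:
        raise ValueError("shorter than the 12-byte fixed RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    header_len = 12 + 4 * (b0 & 0x0F)          # skip the CSRC list
    if b0 & 0x10:                              # header extension present
        if len(packet) < header_len + 4:
            raise ValueError("truncated header extension")
        (ext_words,) = struct.unpack("!H", packet[header_len + 2:header_len + 4])
        header_len += 4 + 4 * ext_words
    if len(packet) < header_len:
        raise ValueError("header longer than packet")
    return RtpHeader(2, bool(b1 & 0x80), b1 & 0x7F, seq, ts, ssrc, header_len)


def build_rtp(seq: int, ts: int, ssrc: int, payload: bytes = b"\xff" * 160) -> bytes:
    """Build a minimal packet (payload type 0, no CSRC, no extension) for the demo."""
    return struct.pack("!BBHII", 0x80, 0, seq & 0xFFFF, ts & 0xFFFFFFFF, ssrc) + payload


def analyse_stream(packets):
    """Classify the packets of one stream using the 16-bit sequence number."""
    ssrc = expected = None
    missing = set()
    report = {"lost": [], "reordered": 0, "duplicates": 0, "foreign_ssrc": 0}
    for raw in packets:
        h = parse_rtp(raw)
        if ssrc is None:
            ssrc, expected = h.ssrc, h.sequence
        if h.ssrc != ssrc:
            report["foreign_ssrc"] += 1     # not the source this stream started with
            continue
        delta = (h.sequence - expected) & 0xFFFF   # modular, so 65535 -> 0 is +1
        if delta < 0x8000:                  # at or ahead of the expected number
            for k in range(delta):
                missing.add((expected + k) & 0xFFFF)
            expected = (h.sequence + 1) & 0xFFFF
        elif h.sequence in missing:         # late arrival fills a known gap
            missing.discard(h.sequence)
            report["reordered"] += 1
        else:
            report["duplicates"] += 1       # already seen, or too old to judge
    report["lost"] = sorted(missing)
    return report


# Constructed sample: the sequence wraps at 65535, packet 0 arrives late,
# packet 3 never arrives, packet 4 is duplicated, and one packet carries
# a different SSRC.
SAMPLE_SSRC = 0x1234ABCD
SAMPLE_STREAM = [build_rtp(s, i * 160, SAMPLE_SSRC)
                 for i, s in enumerate([65534, 65535, 1, 0, 2, 4, 4])]
SAMPLE_STREAM.append(build_rtp(5, 1120, 0x0BADF00D))

if __name__ == "__main__":
    print(parse_rtp(SAMPLE_STREAM[0]))
    print(analyse_stream(SAMPLE_STREAM))
```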
RTCP
Real-Time Control Protocol (RTCP) carries control
information, which is used to manage the QoS.
It provides support for applications such as real-time
conferencing.
The support includes source identification,
multicast-to-unicast translation, and synchronization of
different media streams.
There are five types of RTCP packets:
I. RR: Receiver Report.
II. SR: Sender Report.
III. SDES: Source Description Items.
IV. BYE: used to indicate that participation is finished.
V. APP: application-specific functions.
H.323
H.323 is a set of protocols for voice, video, and data
conferencing over packet-based networks such as the
Internet.
The H.323 protocol stack is designed to operate above
the transport layer of the underlying network.
H.323 can be used on top of any packet-based network
transport like Ethernet, TCP/UDP/IP, ATM, and Frame
Relay to provide real-time multimedia communication.
H.323 uses the Internet Protocol (IP) for inter-network
conferencing.
Scope of H.323:
-- Point-to-point and multipoint conferencing support
-- Inter-network interoperability
-- Heterogeneous client capabilities
-- Audio and video codecs
-- Management and accounting support
-- Security
-- Supplementary services
Authentication under H.323 can be either symmetric
encryption-based or subscription-based.
For symmetric encryption-based authentication, prior
contact between the communicating entities is not
required because the protocol uses Diffie-Hellman key
exchange to generate a shared secret identity between
the two entities.
With reference to the H.235 recommendation,
subscription-based authentication requires a prior
shared secret identity, and there are three variations of
this:
-- Password-based with symmetric encryption,
-- Password-based with hashing, and
-- Certificate-based with signatures
MGCP
Media Gateway Control Protocol (MGCP) is a
protocol used for controlling Voice over IP (VoIP)
gateways from external call control elements.
MGCP is an emerging protocol that is receiving wide
interest from both the voice and data industries.
MGCP is a protocol for controlling media gateways
from call agents. It superseded the Simple Gateway
Control Protocol (SGCP).
In a VoIP system, MGCP can be used with SIP or H.323.
SIP or H.323 provides the call control functionality
and MGCP can be used to manage media
establishment in media gateways.
Characteristics of MGCP:
-- A master/slave protocol.
-- Assumes limited intelligence at the edge (endpoints)
and intelligence at the core (call agent).
-- Used between call agents and media gateways.
-- Differs from SIP and H.323, which are peer-to-peer
protocols.
-- Interoperates with SIP and H.323.
MGCP provides:
-- Call preservation: calls are maintained during failover
and failback
-- Dial plan simplification: no dial peer configuration is
required on the gateway
-- Hook flash transfer
-- Tone on hold
-- MGCP supports encryption of voice traffic.
-- MGCP supports Q Interface Signalling Protocol (QSIG)
functionality.
SIP
The Session Initiation Protocol (SIP) is a text-based
signaling communications protocol, which is used for the
creation, management and termination of each
session.
It is responsible for smooth transmission of data
packets over the network. It considers the request
made by the user to make a call and then establishes a
connection between two or multiple users. When the
call is complete, it destroys the session.
SIP can be used for two-party (unicast) or multi-party
(multicast) sessions. It works along with other
application layer protocols that identify and carry the
session media.
The protocol itself provides reliability and does not
depend on TCP for reliability. Also, it depends on the
Session Description Protocol (SDP), which is
responsible for the negotiation for the codec
identification.
SIP messages:
-- REGISTER – Registers a user with a SIP server
-- INVITE – Used to invite to participate in a call session
-- ACK – Acknowledges an INVITE request
-- CANCEL – Cancels a pending request
-- OPTIONS – Lists the information about the capabilities
of the caller
-- BYE – Terminates a connection
Services provided by SIP:
-- Locate User
-- Session Establishment
-- Session Setup Negotiation
-- Modify Session
-- Teardown/End Session
Security Aspects of VoIP
Server authentication:
Since VoIP users typically communicate with each
other through some VoIP infrastructure that involves
servers (gatekeepers, multicast units, gateways), users
need to know if they are talking with the proper server
and/or with the correct service provider. This applies to
both fixed and mobile users.
Voice confidentiality
This is realized through encryption of the voice packets
and protects against eavesdropping. In general, the
media packets of multimedia applications are
encrypted as well as voice data. Advanced protection
of media packets also includes authentication/integrity
protection of the payloads.
Call authorization:
This is the decision-making process to determine if
the user/terminal is actually permitted to use a service
feature or a network resource (QoS, bandwidth, codec,
etc.). Most often authentication and authorization
functions are used together to make an access control
decision. Authentication and authorization help to
thwart attacks like masquerade, misuse and fraud,
manipulation and denial-of-service.
Key Management:
This includes not only all tasks that are necessary for
securely distributing keying material to users and
servers, but also tasks like updating expired keys and
replacing lost keys. Key management may be a
separate task from the VoIP application (password
provisioning) or may be integrated with signalling when
security profiles with security capabilities are being
dynamically negotiated and session-based keys are to
be distributed.
Masquerading:
A masquerade is the pretense of an entity to be
another entity. Masquerading can lead to charging
fraud, breach of privacy, and breach of integrity. This
attack can be carried out by hijacking a link after
authentication has been performed, or by
eavesdropping and subsequent replaying of
authentication information. Using a masquerade
attack, an attacker can gain unauthorized access to
VoIP services. An attacker can steal the identity of a
real user and obtain access by masquerading as the
real user.
Eavesdropping:
Eavesdropping attacks describe a method by which an
attacker is able to monitor the entire signaling and/or
data stream between two or more VoIP endpoints, but
cannot or does not alter the data itself.
Interception and Modification:
These classes of attacks describe a method by which
an attacker can see the entire signaling and data
stream between two endpoints, and can also modify
the traffic as an intermediary in the conversation.
Denial of Service:
A denial of service (DoS) attack is an attack that is
conducted to deliberately cause loss of availability of a
service. We identify DoS attacks at several levels:
transport level, server level and signaling level.
Transport level: An IP-level DoS attack may be carried
out by flooding a target, e.g. by ping of death or Smurf
attack.
Server level: Servers may be rendered unusable by
modifying stored information in order to prevent
authorized users from accessing the service.
Misrepresentation:
The term misrepresentation is generically used to
mean false or misleading communication.
Misrepresentation includes the delivery of information
which is false as to the identity, authority or rights of
another party or false as to the content of information
communicated.
Security Solutions in VoIP
Confidentiality: Confidentiality can be achieved
by using different encryption techniques, which
provide user authentication. For example, a hash record key
with a shared secret is used between the parties to
prevent malicious users from monitoring calls. Such
measures should be taken to achieve confidentiality.
Integrity: To protect the source of data we use
integrity, which provides user authentication. It is used
for origin integrity; without integrity control, any
non-trusted system has the ability to modify the
different contents without any notice.
HTTP Digest Authentication:
SIP uses the HTTP Digest Authentication method to
authenticate data, such as a password. HTTP Digest
authentication offers one-way message authentication
and replay protection, but it doesn't protect message
integrity and confidentiality.
By transmitting an MD5 or SHA-1 digest of the secret
password and a random challenge string, HTTP Digest
can protect the password.
Although HTTP Digest authentication has the
advantage that the identity of the user is encrypted
and transmitted in cipher text, if the password is
short or weak, the password can be recovered easily
by intercepting the hash value.
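The Python below is an added example, not part of the original slides: it computes the RFC 2617 Digest response (qop=auth, MD5) and shows a registrar-side check that rejects stale challenges and replayed requests, while a changed message body still verifies because the body is outside the digest. The realm, server key, nonce lifetime, user, passphrase and the `Registrar` class are constructed assumptions.

```python
import hashlib
import hmac

REALM = "voip.example"                  # assumed realm
SERVER_KEY = b"constructed-demo-key"    # assumed server-side nonce key
NONCE_LIFETIME = 30                     # seconds; assumed policy


def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(user, realm, password, method, uri, nonce, nc, cnonce):
    """RFC 2617 response for qop=auth: method and URI are hashed, the body is not."""
    ha1 = md5_hex(f"{user}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")


def issue_nonce(now: int) -> str:
    """Challenge = issue time plus a MAC, so its age can be checked without state."""
    stamp = str(int(now))
    mac = hmac.new(SERVER_KEY, stamp.encode(), hashlib.sha256).hexdigest()[:32]
    return f"{stamp}.{mac}"


def build_request(user, password, method, nonce, nc, body):
    """Client side: answer the challenge (cnonce is a fixed constructed value)."""
    uri, cnonce, nc_text = f"sip:{REALM}", "0a4f113b", f"{nc:08x}"
    response = digest_response(user, REALM, password, method, uri, nonce, nc_text, cnonce)
    return {"method": method, "uri": uri, "body": body,
            "auth": {"username": user, "uri": uri, "nonce": nonce,
                     "nc": nc_text, "cnonce": cnonce, "response": response}}


class Registrar:
    """Hypothetical server-side verifier for the demo."""

    def __init__(self, passwords):
        self.passwords = passwords
        self.highest_nc = {}            # nonce -> highest nonce count accepted

    def verify(self, request, now):
        auth = request["auth"]
        nonce = auth["nonce"]
        try:
            issued = int(nonce.partition(".")[0])
        except ValueError:
            return "bad-nonce"
        if not hmac.compare_digest(issue_nonce(issued).encode(), nonce.encode()):
            return "bad-nonce"          # not a challenge this server issued
        if now - issued > NONCE_LIFETIME:
            return "stale"              # client must fetch a fresh challenge
        password = self.passwords.get(auth["username"])
        if password is None or auth["uri"] != request["uri"]:
            return "denied"
        expected = digest_response(auth["username"], REALM, password, request["method"],
                                   request["uri"], nonce, auth["nc"], auth["cnonce"])
        if not hmac.compare_digest(expected.encode(), auth["response"].encode()):
            return "denied"
        try:
            count = int(auth["nc"], 16)
        except ValueError:
            return "denied"
        if count <= self.highest_nc.get(nonce, 0):
            return "replayed"           # nonce count must strictly increase
        self.highest_nc[nonce] = count
        return "ok"


def demo():
    """Constructed exchange; returns the registrar's verdict for each message."""
    secret = "constructed-passphrase"
    registrar = Registrar({"alice": secret})
    nonce = issue_nonce(1000)
    invite = build_request("alice", secret, "INVITE", nonce, 1, "c=IN IP4 192.0.2.10")
    altered = dict(invite, body="c=IN IP4 192.0.2.66")   # body changed in transit
    late = build_request("alice", secret, "INVITE", nonce, 2, "")
    wrong = build_request("alice", "guess", "INVITE", issue_nonce(1100), 1, "")
    return [registrar.verify(altered, now=1005),   # body is outside the digest
            registrar.verify(invite, now=1006),    # same nonce and count again
            registrar.verify(late, now=1100),      # challenge past its lifetime
            registrar.verify(wrong, now=1101)]     # wrong password


if __name__ == "__main__":
    print(demo())
```

The first verdict is the reason Digest alone needs a protected channel such as TLS: the altered body passes because nothing in the response covers it.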
S/MIME:
(Secure/Multipurpose Internet Mail Extensions)
MIME bodies are inserted into SIP messages. MIME
defines mechanisms for integrity protection and
encryption of the MIME contents.
SIP can use S/MIME to enable mechanisms like public
key distribution, authentication and integrity
protection, and confidentiality of SIP signaling data.
S/MIME relies heavily on the certification of the end
user.
Moreover, self-certification is vulnerable to
man-in-the-middle attacks, so certificates from either
known public certification authorities (CAs) or private CAs
should be used, so the S/MIME mechanism is seriously
limited.
Firewall:
Firewalls are usually used to protect a trusted network
from an untrusted network. Firewalls usually work at the IP
and TCP/UDP layers; they determine what types of traffic
are allowed and which systems are allowed to
communicate. A firewall doesn't monitor the application
layer. Since SIP needs to open ports dynamically, this
increases the complexity of the firewall, as the firewall
must open and close ports dynamically.
Some other ways to protect:
To prevent message alteration, establish a secure
communication channel between the communicating
parties. To prevent media alteration and degradation,
use the SRTP protocol.
Use secured devices for communication and switching
of voice as well as data.
Use strong authentication and passwords at device
level.
Change default passwords and enable SIP
authentication. Use devices which support the SRTP
cipher technique.
Use VLAN with 802.1x in internet to split data and
voice traffic.
Disable Telnet in the phone configuration; allow it only
to administrators. To avoid message tampering and
voice pharming attacks, encrypt transmitted data
using encryption mechanisms like IPsec, TLS and
S/MIME.
For a secure session in VoIP we should take the
following measures:
-- Use and maintain anti-virus and anti-spyware programs.
-- Do not open unknown attachments of mails which have
unknown or fake IDs.
-- Verify the authenticity and security of downloaded files
and new software. Configure your web browser(s)
properly by enabling/disabling the necessary cookies.
-- Keep an active firewall session in your network and
always store your back-ups securely.
-- Create strong passwords and change them regularly,
and do not disclose such information publicly.
Conclusion
A VoIP system is low cost and needs less configuration than
the PSTN network. VoIP is an emerging technology and
contains some loopholes, so some attacks are
possible on it. As VoIP replaces the PSTN
system in the future, it needs better security. Using secure
protocols like SRTP and advanced encryption
standards, firewalls and end-to-end encryption, we
can make it secure.