110 likes | 227 Views
MITP 458 : Information Security and Assurance. VOIP Xeon Group Rohit Bhat Ryan Hannan Alan Mui Irfan Siddiqui. VOIP. Overview - What is VOIP? Business Concern Security Issues Availability Attack example Current solution. Overview. VOIP
E N D
MITP 458 : Information Security and Assurance VOIP Xeon GroupRohit BhatRyan HannanAlan MuiIrfan Siddiqui
VOIP Overview - What is VOIP? Business Concern Security Issues Availability Attack example Current solution
Overview • VOIP • Protocol optimized for the transmission of voice through the Internet or other packet switched networks • Often used abstractly to refer to the actual transmission of voice (rather than the protocol implementing it) • Also referred to as IP telephony, Internet telephony, voice over broadband, broadband telephony, and broadband phone.
Business Concern • Highly complex communication • Critical communication should remain confidential • Data should remain accurate • Compliance issues along with privacy of users
Security Issues • Confidentiality • Broadband pipe serving the VOIP and data center services must offer transmission confidentiality. • Authenticity • Access to the data servers must offer fool-proof authentication. • Integrity • Voice quality and data accuracy is critical to the success of service offerings. • Availability • VOIP and data center servers must have industry standard uptime.
Availability • Why is it important • Emergency • Business • Sale • Communication • They type of attacks to VOIP • DoS Attack • Spit (Spam) • Fraud
Attack example • DoS attack • The most serious threat to VoIP is a distributed denial of service (DoS) attack • Can effect any internet-connected device • Floods networks with spurious traffic or server requests. • Usually generated by machines that have been compromised by a virus or other malware • Servers grind to a halt and ignore/cant process new requests due to increased traffic
Current Solution • vLAN • Isolate VoIP calls from other traffic in the network by creating a segregated vLAN • Also used to prioritize voice traffic and keep it up and running during a DoS attack. • Cons • Wasted bandwidth • Cost to implement and monitor
Current Solution Effective monitoring • Monitoring geographic destinations of VoIP traffic • Sudden changes in the overall geographic distribution of network traffic originating from inside the VoIP network could indicate that unauthorized users are abusing the system to commit toll fraud Cons • Increased cost due to labor intensive monitoring • False positive readings
Current solution Redundancy • Setup switches that will re-route the VOIP traffic when the main router/network is down. • In he event of a DOS attack all VOIP traffic will be switched to another network to prevent service interruption. Cons • Setup will require extra hardware and therefore more maintenance, cost, and labor • Load balancers, switches…
VOIP Questions?