1 / 13

Security Threats in VoIP

Security Threats in VoIP. Omar Taghlabi CS555. What is VoIP ?. VOIP stands for Voice Over Internet Protocol It is a way of making phone calls over the internet It is referred to as IP Telephony or Internet Telephony

zuzela
Download Presentation

Security Threats in VoIP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Threats in VoIP Omar Taghlabi CS555

  2. What is VoIP ? • VOIP stands for Voice Over Internet Protocol • It is a way of making phone calls over the internet • It is referred to as IP Telephony or Internet Telephony • The first ever internet VoIP program was released in February 1995 by VocalTec Communications • VOIP use has gained substantial popularity over the years

  3. Why VoIP ? • VOIP is remarkably cheaper than POTS (Plain Old Telephone Service) • It provide many features without extra fees • Voicemail • Caller ID • Conferencing • Unlimited long Distance

  4. VoIP Service Types • Computer-Based VOIP Service • Residential VOIP Service • Mobile VOIP Service • Business VOIP Service and Solutions

  5. VoIP Problems and Pitfalls Compared to ordinary phone service, VOIP phone service is less reliable and most importantly less secure. • Voice Quality • Bandwidth Dependency • Power Dependency • Emergency Calls • SECURITY

  6. VoIP Security Threats In the book Voice over IP Security (Published by Cisco Press), the author Patrick Park identifies 4 main categories of security threats: • Threats against availability • Threats against confidentiality • Threats against integrity • Threats against social context

  7. VoIP Security Threats • Threats Against Availability These threats aim at VOIP service interruption, typically in the form of Denial of Service (DOS) • Call flooding • Protocol Fuzzing • Spoofed messages • Call hijacking • Server impersonating

  8. VoIP Security Threats • Threats Against Confidentiality These threats provide unauthorized means of capturing identities, patterns and credentials • Eavesdropping • Call Pattern Tracking • Data Mining • Reconstruction

  9. VoIP Security Threats • Threats Against Integrity These threats allow alteration of initial message and medias in the middle of the network • Message Alteration • Call rerouting • Call Black holing • Media Alteration • Media Injection • Media Degrading

  10. VoIP Security Threats • Threats Against Social Context These threat allow attackers to misrepresent himself as a trusted entity • VOIP Phishing aka Vishing • Registration hijacking • SPIT (Spam over Internet Telephony)

  11. Summary VoIP is a relatively new technology. It is still considerably unsecure than ordinary phone services. It has to deal with all the security problems of traditional data network plus the new security problem caused by new protocols and components. Businesses and individuals need to take necessary precautions when using this technology.

  12. Questions?

  13. References • http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articles/connect_employees_and_offices/what_voip_can_do_for_you/index.html • http://www.sans.org/reading-room/whitepapers/voip/security-issues-countermeasure-voip-1701 • http://en.wikipedia.org/wiki/Voice_phishing • http://voip.nyquist.ro/docs/Registration_hijacking_060105.pdf • http://www.techopedia.com/definition/13320/spam-over-internet-telephony-spit • Patrick Park, (2008)Voice over IP Security. Security best practices derived from deep analysis of the latest network threats, Cisco Press.

More Related