VoIP Security

3.1 VoIP Security

The VoIP have various security issues. And also many studies in this domain. Within the different motivation and different target, they have different points of views in this subject.

Some of them will analysis the issues, and some of them will discuss how to avoid them. The following is the keys of the related studies that we have referenced.

3.1.1 VoIP Security Analysis

To analysis the VoIP security issues, we can divide the issues into different classification to discuss. In “An Analysis of Security Threats and Tools in SIP-Based VoIP Systems [1]”

the authors provided a VoIP security matrix for our reference. All of the issues can be filled into the matrix. The issues could be happened in the Network Interface Layer, Network Layer, Transport Layer or Application Layer. And the vulnerabilities will affect three major areas as the following table. This thesis provides us an idea to classify our interception mechanism.

Our interception mechanism will break the confidentiality by the vulnerabilities of different network layers. The following table is the VoIP vulnerabilities classification. Our study will break the confidentiality and integrity and to do the interception.

Vulnerabilities affect area Description

Confidentiality The information could not be reachable by illegal user Integrity The information could not be modified

Availability The service could not be disturbed Table 3. The VoIP Vulnerabilities Classification

The vulnerabilities affect four layers of the TCP/IP networking model. They are Network Interface Layer, Network Layer, Transport Layer and Application Layer. There are a lot of vulnerabilities in each layer. And the following tables are the sample VoIP vulnerabilities matrix in the paper:

Layer Vulnerability Description

Data Link MAC Spoofing Media Access Control (MAC) address spoof to impersonating the devices

Internet IP Spoofing IP address spoof to impersonating devices Transport TCP Interception To sniff the TCP packet

Application SIP Call Hijacking To hijack a SIP call for the voice data Table 4. Confidentiality VoIP vulnerabilities matrix

Layer Vulnerability Description

Data Link ARP Spoofing ARP spoofing will corrupt the ARP data

Internet IP Spoofing Integrity can be compromised at the network layer by an IP address spoof

Transport TCP Interception To sniff the TCP packet and to modify it Application RTP Inserting To insert the Voice data to the RTP stream

Table 5. Integrity VoIP vulnerabilities matrix

Layer Vulnerability Description

Data Link ARP Spoofing Update the wrong ARP data to ARP table to make the wrong routing

Internet IP Spoofing Use wrong IP address to cause the wrong routing Transport TCP Flooding To create many TCP connection to hold the server

processing resource.

Application SIP Call Redirect Use the “BYE” or “REFER” command to terminate a call illegally

Table 6. Availability VoIP vulnerabilities matrix

“Vulnerability Analysis and Best Practices for Adopting IP Telephony in Critical Infrastructure Sectors [2]” describes the security issues. Also provide us many useful

recommendations for construct the VoIP network. Critical Infrastructure is a term that used by governments. It describes the essential for the functioning of a society and economy. And Critical Infrastructure includes food, water, telecommunication, energy, and transportation.

The following table is the summary of threats:

Threats Description

Protocol Attacks Most of the VoIP have their own vulnerabilities.

Application Attacks Java applets might be running on IP phones for supplementary services. Could be hacked.

OS Vulnerability The overflow might create a backdoor for the hacker to gain full control.

Spoofing on Different Layers

Spoofing can occur on different layers, the complicate identity will increase loading.

Unauthorized Component or User Introduction

Authorization determines what actions can be undertaken with various users.

Unauthorized Access to System Data

The system data, such as configuration files and

administrative data should be protected from attackers.

Eavesdropping and

Sniffing on Conversations

VoIP can open the doors for eavesdropping or sniffing on both signaling and voice.

Man-in-the-Middle The rogue proxy could collect the confidential information.

DoS (Denial of Service) DoS attack to a proxy server could lead to loss the availability of service.

Theft of Service The ability to make VoIP calls for nefarious purpose.

Table 7. VoIP Security Threats

And all of the vulnerabilities could be address to six security measures. They are Identification and Authentication, Authorization, Confidentiality and Integrity, Access Control, Availability and Security Management. The recommendations remind us the VoIP service providers have to create a secured network, and also care about the compatibility and scalability. In our thesis we will use the Protocol Attacks, Application Attacks and Spoofing on Different Layers to do the interception.

3.1.2 VoIP Security Issues

The signaling protocol is also unsafe in VoIP network. We use SIP as the target signaling protocol in this thesis. A simple spoofed BYE command can easily terminate a call illegally.

“A new authentication Mechanism and Key agreement protocol for Sip Using [3]” proposes an identity based cryptography to solve the authentication and key agreement issue in SIP.

The Cisco also have the white paper “Security in SIP Based Network [4]” to suggest the user to secure their VoIP network.

The authentication, IPSec and firewall are your countermeasures. “Convert channel for improving VoIP security [5]” provide you a solution to hide the information in your packet in VoIP network. All of these studies are discuss about the SIP protocol securities. We’ll also attack the SIP protocol using spoofed SIP redirect command or some other SIP protocol attacks referenced to these studies.

RTP is an application level protocol to carry audio or video data. In “Real-time Transport Protocol (RTP) Security [6]” discussed the RTP serious confidentiality, integrity and authentication issues. But all of the security features must concern about the performance issue. The complex mechanism may bring up the unacceptable delay and jitter, also serious damage the voice quality. “Study on SRTP and Design Key Exchange for Secure VoIP [7]”

discussed how to protect your privacy by Secured RTP. Also provide the measurement the latency of SRTP mechanism. We have been challenged that all of the interception will be useless if the end user uses the SRTP to do protection. Cryptography is not the target of our study. We’ll focus on the interception in the aspects of protocols, networks and telecomm. We do not talk about the cryptography. Our target is to collection the conversation data in the RTP flow. And if the recorded payload is encrypted, government can to use the super computer to do the decrypt.

Figure 6. The RTP Content

Figure 7. The SRTP Content

“VoIP security in Small Business [8]” reviews several kinds of the VoIP security issues.

Not only the vulnerabilities had we discussed before. The infrastructure could be the root cause of the risks. When your data package is traveling through the Internet, it is exposed itself to be an attackable target. The end user will also be the target of denial of service, flooding, eavesdropping and impersonation. The hacker might takeover the control of your computer by the operation system overflow bug. Human vulnerabilities are also a problem.

Easy to use and security always be a trade off, and most of the network management engineer will choose the easy one. And we would like to provide a software based VoIP interception without changing the infrastructure. So this thesis provides us the information of

infrastructure and management vulnerabilities to do the interception.